CVE-2026-58480 | Creative mes Blocksy Companion Pro Plugin up to 2.1.46 Advanced Reviews Feature shell.woff2.php save_attachments unrestricted upload

SecurityVulns

A vulnerability was found in Creative mes Blocksy Companion Pro Plugin up to 2.1.46. It has been classified as critical. Impacted is the function save_attachments of the file shell.woff2.php of the component Advanced Reviews Feature. This manipulation causes unrestricted upload.

This vulnerability appears as CVE-2026-58480. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More