CVE-2025-32140

EUVD-2025-10481
Unrestricted Upload of File with Dangerous Type vulnerability in Nirmal Kumar Ram WP Remote Thumbnail wp-remote-thumbnail allows Upload a Web Shell to a Web Server.This issue affects WP Remote Thumbnail: from n/a through <= 1.3.2.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.9 CRITICAL
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 42%
Common Weakness Enumeration
References
https://patchstack.com/database/Wordpress/Plugin/wp-remote-thumbnail/vulnerability/wordpress-wp-remote-thumbnail-plugin-1-3-1-arbitrary-file-upload-vulnerability?_s_id=cve