CVE-2025-46490 Information

Description

Unrestricted Upload of File with Dangerous Type vulnerability in wordwebsoftware Crossword Compiler Puzzles allows Upload a Web Shell to a Web Server. This issue affects Crossword Compiler Puzzles: from n/a through 5.2.

Reference

https://patchstack.com/database/wordpress/plugin/crossword-compiler-puzzles/vulnerability/wordpress-crossword-compiler-puzzles-5-2-arbitrary-file-upload-vulnerability?_s_id=cve