CVE-2025-48300 Information

Description

Unrestricted Upload of File with Dangerous Type vulnerability in Adrian Tobey Groundhogg allows Upload a Web Shell to a Web Server. This issue affects Groundhogg: from n/a through 4.2.1.

Reference

https://patchstack.com/database/wordpress/plugin/groundhogg/vulnerability/wordpress-groundhogg-4-2-1-arbitrary-file-upload-vulnerability?_s_id=cve

Related CNNVD

CNNVD-202507-2204 (Published: 2025-07-16)