CVE-2025-24650

Published Jan 24, 2025

Last updated 15 days ago

Overview

Description
Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic tourfic allows Upload a Web Shell to a Web Server.This issue affects Tourfic: from n/a through <= 2.15.3.
Source
audit@patchstack.com
NVD status
Modified
Products
tourfic

Weaknesses

audit@patchstack.com
CWE-434

Social media

Hype score
Not currently trending

  1. CVE-2025-24650 Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic allows Upload a Web Shell to a Web Server. This issue affects Tourfic: from n/a thro… https://t.co/0mAXw06H9N

    @CVEnew

    24 Jan 2025

    168 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. Critical vulnerability (CVE-2025-24650, CVSS 9.1) in Themefic Tourfic (up to 2.15.3) allows unrestricted file upload, enabling web shell attacks. Update immediately!

    @BursaMatus

    24 Jan 2025

    27 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. [CVE-2025-24650: CRITICAL] Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic allows Upload a Web Shell to a Web Server. This issue affects Tourfic: from n/a through 2.15.3.#cybersecurity,#vulnerability https://t.co/IXBH8qmRKL https://t.co/fBmfcM92M

    @CveFindCom

    24 Jan 2025

    24 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. The Tourfic – Ultimate Hotel Booking, Travel Booking & Apartment Booking WordPress Plugin | WooCommerce Booking plugin for WordPress is vulnerable to SQL Injection via the 'enquiry_id' parameter of the 'tf_enquiry_reply_email_callback' function in all versions up to, and including, 2.15.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.CVE-2024-12032
  2. The Tourfic plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.11.20. This is due to missing or incorrect nonce validation on the tf_order_status_email_resend_function, tf_visitor_details_edit_function, tf_checkinout_details_edit_function, tf_order_status_edit_function, tf_order_bulk_action_edit_function, tf_remove_room_order_ids, and tf_delete_old_review_fields functions. This makes it possible for unauthenticated attackers to resend order status emails, update visitor/order details, edit check-in/out details, edit order status, perform bulk order status updates, remove room order IDs, and delete old review fields, respectively, via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.CVE-2024-8319
  3. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through <= 2.11.7.CVE-2024-29137
  4. Deserialization of Untrusted Data vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through <= 2.11.17.CVE-2024-29136
  5. Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through <= 2.11.15.CVE-2024-29135

References

Sources include official advisories and independent security research.