CVE-2025-27282

Published Apr 17, 2025

Last updated 2 months ago

CVSS critical 9.9

Overview

Description
Unrestricted Upload of File with Dangerous Type vulnerability in rockgod100 Theme File Duplicator allows Using Malicious Files. This issue affects Theme File Duplicator: from n/a through 1.3.
Source
audit@patchstack.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.9
Impact score
6
Exploitability score
3.1
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

audit@patchstack.com
CWE-434

Social media

Hype score
Not currently trending

  1. 🚨 CVE-2025-27282 ⚠️🔴 CRITICAL (9.9) 🏢 rockgod100 - Theme File Duplicator 🏗️ Unknown Version 🔗 https://t.co/A3Keo241Yt #CyberCron #VulnAlert #InfoSec https://t.co/zXNLrBFQoJ

    @cybercronai

    19 Apr 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-27282 Unrestricted Upload of File with Dangerous Type vulnerability in rockgod100 Theme File Duplicator allows Using Malicious Files. This issue affects Theme File Duplicat… https://t.co/5aFfDAKPeu

    @CVEnew

    17 Apr 2025

    115 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.