FantasticPlugins SUMO Affiliates Pro Unrestricted File Upload Vulnerability

Vulnerability

A vulnerability allowing unrestricted file uploads has been identified in the FantasticPlugins SUMO Affiliates Pro WordPress plugin, affecting versions through 10.7.0. This vulnerability could be exploited to upload malicious files, potentially leading to further access or control over the website.

Impact

Exploitation of this vulnerability could allow for arbitrary file uploads, including the possibility of uploading backdoors that could be executed to gain additional access to the website.

Remediation

Users are advised to update to a version of SUMO Affiliates Pro later than 10.7.0. For those unable to update immediately, Patchstack offers a virtual patch that blocks attacks targeting this vulnerability.
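One way to check an installation against the affected range, as an added example (not code from Patchstack or the plugin vendor): it reads the WordPress plugin header comments under a plugins directory and flags copies at or below 10.7.0. Matching on the text of the "Plugin Name" header is an assumption, and the sample tree is constructed.

```python
import re
import tempfile
from pathlib import Path

LAST_AFFECTED = (10, 7, 0)           # advisory: versions through 10.7.0 are affected
PLUGIN_NAME = "sumo affiliates pro"  # assumption: the "Plugin Name" header contains this
HEADER_RE = re.compile(r"^[ \t/*#@]*(Plugin Name|Version):[ \t]*(.+?)[ \t]*$", re.I | re.M)

def parse_version(text):
    """'10.7' -> (10, 7, 0); suffixes such as '-beta' are ignored."""
    nums = [int(n) for n in re.findall(r"\d+", text)][:3]
    return tuple(nums + [0] * (3 - len(nums)))

def read_header(php_file):
    """Parse the plugin header comment from the first 8 KiB of a PHP file."""
    head = php_file.read_bytes()[:8192].decode("utf-8", errors="replace")
    return {key.lower(): value for key, value in HEADER_RE.findall(head)}

def audit(plugins_dir):
    """Return (directory, version, status) for every copy of the plugin found."""
    results = []
    for php_file in sorted(Path(plugins_dir).glob("*/*.php")):
        header = read_header(php_file)
        if PLUGIN_NAME not in header.get("plugin name", "").lower():
            continue
        version = header.get("version")
        if not version:
            status = "unknown"    # no Version header: check by hand
        elif parse_version(version) <= LAST_AFFECTED:
            status = "affected"
        else:
            status = "updated"
        results.append((php_file.parent.name, version, status))
    return results

def build_sample(root):
    """Constructed sample tree; directory names and the 10.7.1 version are made up."""
    samples = {
        "copy-a": "Plugin Name: SUMO Affiliates Pro\n * Version: 10.7.0",
        "copy-b": "Plugin Name: SUMO Affiliates Pro\n * Version: 10.7.1",
        "copy-c": "Plugin Name: SUMO Affiliates Pro",
        "other": "Plugin Name: Unrelated Plugin\n * Version: 1.0",
    }
    for name, header in samples.items():
        (Path(root) / name).mkdir()
        (Path(root) / name / "main.php").write_text(f"<?php\n/**\n * {header}\n */\n")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for row in audit(tmp):
            print(*row, sep="\t")
```

Point `audit()` at the site's `wp-content/plugins` directory; a copy reported as "unknown" has no Version header and needs a manual check.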

Added: Jun 9, 2025, 4:45 PM
Updated: Jun 9, 2025, 4:45 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 7.4
remediation: 0.0
relevance: 0.2
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.