Cozmoslabs WP Webhooks Path Traversal Vulnerability Allowing Unrestricted File Upload

Vulnerability

A vulnerability in the Cozmoslabs WP Webhooks plugin, specifically in versions through 3.3.8, allows for unrestricted file uploads of dangerous types, coupled with path traversal. This could potentially lead to the execution of malicious files on the server.

Impact

Exploitation of this vulnerability could result in arbitrary file uploads, including potentially malicious files that could be executed on the server.

Added: Dec 18, 2025, 8:23 AM

Updated: Dec 18, 2025, 3:29 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

1.5

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

7.4

remediation

0.0

relevance

1.5

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Cozmoslabs WP Webhooks Path Traversal Vulnerability Allowing Unrestricted File Upload

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating