WordPress Plugin Vulnerabilities

ThemeREX Addons < 2.38.5 - Unauthenticated Arbitrary File Upload

Description

The plugin does not correctly validate file types in one of its AJAX action, allowing unauthenticated users to upload arbitrary file. This is due to an incorrect fix of CVE-2024-13448

Proof of Concept

Affects Plugins

Plugin icon
trx_addons
Fixed in 2.38.5

References

CVE
CVE-2026-1969

Miscellaneous

Original Researcher
Erwan LR (WPScan)
Submitter
Erwan LR (WPScan)
Verified
Yes
WPVDB ID
762530ae-80a5-4ff8-9725-6adab9498c33

Timeline

Publicly Published
2026-03-02 (about 1 month ago)
Added
2026-03-02 (about 1 month ago)
Last Updated
2026-04-10 (about 1 day ago)

Other

Published
Title
Published
2014-08-01
Title
wp-gpx-max version 1.1.21 - Arbitrary File Upload
Published
2025-01-13
Title
WR Price List Manager For Woocommerce <= 1.0.8 - Authenticated (Subscriber+) Arbitrary File Upload
Published
2024-03-07
Title
Elite Booster for WooCommerce < 7.1.8 - Authenticated (Subscriber+) Arbitrary File Upload
Published
2024-11-08
Title
HB AUDIO GALLERY <= 3.0 - Unauthenticated Arbitrary File Upload
Published
2024-03-25
Title
Everest Backup < 2.2.5 - Admin+ Arbitrary File Upload