Security Advisory

CVE-2025-12630

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-02 15:57:41

Last updated 2025-12-02 16:01:50

Assigner WPScan

State PUBLISHED

Description

The Upload.am WordPress plugin before 1.0.1 is vulnerable to arbitrary option disclosure due to a missing capability check on its AJAX request handler, allowing users such as contributor to view site options.

← Browse all CVEs View on cve.org ↗