PT-2025-16074 · Softclever Limited · Sync Posts

João Pedro S Alcântara · Published 2025-04-11 · Updated 2025-04-12 · CVE-2025-32579

CVSS v3.1: 9.9 Critical

Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: SoftClever Limited Sync Posts versions n/d through 1.0
Name of the Vulnerable Software and Affected Versions: SoftClever Limited Sync Posts versions prior to 1.0
Description: The issue allows for the upload of a web shell to a web server due to unrestricted file upload with dangerous file types. This enables potential attackers to execute malicious code on the server.
Recommendations: For versions prior to 1.0, consider disabling file upload functionality until a patch is available to prevent exploitation. Restrict access to sensitive server areas to minimize the risk of malicious file uploads. Avoid using the file upload feature in Sync Posts until the issue is resolved.

Fix

Unrestricted File Upload

Weakness Enumeration

Related Identifiers

CVE-2025-32579

Affected Products

Sync Posts