CVE-2025-47550

Name of the Vulnerable Software and Affected Versions Themefic Instantio versions n/a through 3.3.16

Description The issue allows for the unrestricted upload of files with dangerous types, enabling an attacker to upload a web shell to a web server. This can lead to further exploitation and potential control of the server.

Recommendations For versions n/a through 3.3.16, consider restricting or disabling file upload functionality until a patch is available. As a temporary workaround, restrict access to sensitive areas of the web server to minimize the risk of exploitation.