PT-2026-23403 · WordPress · Wp Chill Filr
Que Thanh Tuan
·
Published
2026-03-05
·
Updated
2026-03-05
·
CVE-2026-28133
CVSS v3.1
8.5
High
| Vector | AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
WP Chill Filr versions prior to 1.2.13
Description
A flaw exists in WP Chill Filr filr-protection that permits the upload of a web shell to a web server. This is due to unrestricted file upload with a dangerous type. The issue allows for the potential compromise of the server through malicious file uploads.
Recommendations
Update WP Chill Filr to version 1.2.13 or later.
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Wp Chill Filr