CVE-2025-53251
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-21

Last updated on: 2026-04-23

Assigner: Patchstack

Description
Unrestricted Upload of File with Dangerous Type vulnerability in An-Themes Pin WP pin-wp allows Upload a Web Shell to a Web Server.This issue affects Pin WP: from n/a through < 7.2.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-21
Last Modified
2026-04-23
Generated
2026-05-07
AI Q&A
2025-08-21
EPSS Evaluated
2026-05-05
NVD
CVE-2025-53251
EUVD
EUVD-2025-25445
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
an-themes pin_wp *
an-themes responsive_menu *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an Unrestricted Upload of File with Dangerous Type in the An-Themes Pin WP plugin, which allows an attacker to upload a web shell to the web server. This means malicious files can be uploaded without proper restrictions, potentially giving attackers control over the server.


How can this vulnerability impact me? :

The vulnerability can have severe impacts including full compromise of the web server, allowing attackers to execute arbitrary code, steal data, modify or delete content, and disrupt services. It poses a high risk to confidentiality, integrity, and availability of the affected system.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart