CVE-2025-60735
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-24

Last updated on: 2025-10-27

Assigner: MITRE

Description
PerfreeBlog v4.0.11 has a File Upload vulnerability in the installPlugin function
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-24
Last Modified
2025-10-27
Generated
2026-06-16
AI Q&A
2025-10-24
EPSS Evaluated
2026-06-15
NVD
EUVD
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
perfree perfreeblog 4.0.11
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-434 The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

PerfreeBlog v4.0.11 contains a File Upload vulnerability in its installPlugin function, which allows an attacker to upload arbitrary files to the system. [1]

Impact Analysis

This vulnerability can allow attackers to upload malicious files, potentially leading to unauthorized code execution, system compromise, data theft, or disruption of service. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-60735. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart