cleantalk
Vulnerabilities and Security Researches

WP VR – 360 Panorama and Virtual Tour Builder For WordPress, CVE-2025-47452

CVE, Research URL

CVE-2025-47452

Home page URL

Security reports for WP VR – 360 Panorama and Virtual Tour Builder For WordPress

Application

WP VR – 360 Panorama and Virtual Tour Builder For WordPress

Published on
Jun 17, 2025
Research Description
Unrestricted Upload of File with Dangerous Type vulnerability in RexTheme WP VR allows Upload a Web Shell to a Web Server. This issue affects WP VR: from n/a through 8.5.26.
Affected versions
Min -, max 8.5.27.
Status
vulnerable
Previous vulnerability researches
WordPress Ajax Load More and Infinite Scroll (CVE-2025-5586) , Jun 15, 2025
Load More Anything (CVE-2024-32110) , Jun 07, 2024
Load More Anything (6b946ad178fdf132c2a039c6c7e104487b2ab9cb) , Jun 07, 2024
Load More Anything (CVE-2024-24704) , Jun 10, 2024
WordPress Infinite Scroll – Ajax Load More (CVE-2025-4775) , Jun 18, 2025
New vulnerability
Arconix Shortcodes (CVE-2025-49858) , Jun 19, 2025
Responsive Starter Templates – Elementor & WordPress Templates (CVE-2025-49856) , Jun 19, 2025
WP VR – 360 Panorama and Virtual Tour Builder For WordPress (CVE-2025-47452) , Jun 19, 2025
myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin (CVE-2025-49872) , Jun 19, 2025
myCred – Points, Rewards, Gamification, Ranks, Badges & Loyalty Plugin (CVE-2025-49857) , Jun 19, 2025