cleantalk
Vulnerabilities and Security Researches

PWA for WP & AMP, 2d58fea2639bbd2fa6bd4a9a4dbefba1f662bc7a

CVE, Research URL

2d58fea2639bbd2fa6bd4a9a4dbefba1f662bc7a

Home page URL

Security reports for PWA for WP & AMP

Application

PWA for WP & AMP

Published on
Jul 01, 2021
Research Description
PWA for WP &amp; AMP [pwa-for-wp] < 1.7.33 WordPress PWA for WP & AMP plugin <= 1.7.32 - Authenticated Arbitrary File Upload vulnerability Authenticated Arbitrary File Upload vulnerability discovered by Jerome Bruandet in WordPress PWA for WP & AMP plugin (versions <= 1.7.32).
Affected versions
Min -, max 1.7.33.
Status
vulnerable
Previous vulnerability researches
PWA for WP &amp; AMP (CVE-2024-7759) , May 19, 2025
PWA for WP &amp; AMP (CVE-2024-47318) , Sep 29, 2024
PWA for WP &amp; AMP (2d58fea2639bbd2fa6bd4a9a4dbefba1f662bc7a) , Jun 06, 2024
PWA for WP &amp; AMP (CVE-2021-4366) , Jun 06, 2024
PWA for WP &amp; AMP (CVE-2021-4354) , Jun 06, 2024
New vulnerability
Formality (CVE-2025-3858) , May 20, 2025
PowerPress Podcasting plugin by Blubrry (CVE-2024-9227) , May 19, 2025
Free Booking Plugin for Hotels, Restaurant and Car Rental &#8211; eaSYNC (CVE-2024-9450) , May 19, 2025
PWA for WP &amp; AMP (CVE-2024-7759) , May 19, 2025
Badgearoo (CVE-2025-1033) , May 19, 2025