CVE Catalog

CVE-2026-42748

Critical
Published: Translated: NVD NIST

Summary

The vulnerability in WPify Woo Czech allows unrestricted upload of files with dangerous types, enabling the upload of a web shell to a web server. This issue affects WPify Woo Czech from n/a through 5.4.1.

Risk Assessment

This threat could lead to server takeover, posing serious risks to the security of data and the organization's infrastructure.

Recommendation

It is recommended to update WPify Woo Czech to the latest version and implement strict file upload policies to minimize risk.

Original NVD description (English source)

Unrestricted Upload of File with Dangerous Type vulnerability in WPify WPify Woo Czech wpify-woo allows Upload a Web Shell to a Web Server.This issue affects WPify Woo Czech: from n/a through <= 5.4.1.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS