Vulnerabilities

Report: Update: CVE-2026-6271 - Career Section <= 1.7 - unauthenticated arbitrary file upload

2026-05-14 0 views admin

CVE ID :CVE-2026-6271 Published : May 14, 2026, 7:16 a.m. | 53 minutes ago Description :The Career Section plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 1.7 via the CV upload handler. This is due to missing file type validation. This makes it possible for unauthenticated attackers to upload files that may be executable, which makes remote code execution possible. Severity: 9.8 | CRITICAL Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE Details

CVE ID

CVE-2026-6271

Severity

CRITICAL

Published

May 14, 2026

Affected Product: WordPress

Impact: remote code execution

🏷️ Tags

reportupdatecareersectionunauthenticatedarbitraryuploadpublishedcvecve-2026-6271

InfinitSec - Latest Cybersecurity, Technology & Gaming News

Report: Update: CVE-2026-6271 - Career Section <= 1.7 - unauthenticated arbitrary file upload

CVE Details

🏷️ Tags

More from Vulnerabilities

Report: CVE-2026-5243 - The Plus Addons for Elementor – Addons for Elementor, Page Templates, Widgets, Me

Report: CVE-2026-6417 - GLS Shipping for WooCommerce <= 1.4.0 - reflected cross-site scripting via 'faile

Report: Latest: CVE-2026-5396 - Fluent Forms <= 6.1.21 - authenticated (subscriber+) authorization bypass via 'fo...

Report: Essential Guide: CVE-2026-8181 - Burst Statistics 3.4.0 - 3.4.1.1 - Authentication Bypass to Admin Account Takeover

Trending

CVE-2025-61481: Critical Remote Code Execution Vulnerability in MikroTik RouterOS & SwitchOS

CVE-2025-43939: Dell Unity OS Command Injection (High)

Google disputes false claims of massive Gmail data breach

Microsoft: DNS outage impacts Azure and Microsoft 365 services

3.5B Accounts, 1 Critical Flaw: Meta Closes WhatsApp Data-Harvesting