CVE-2025-32510

CVE-2025-32510

Information

CVE_ID              : CVE-2025-32510
Severity            : CRITICAL
Published        : 2025-06-17T15:15:42.093
LastModified  : 2025-06-17T20:50:23.507
Updated          : 2025-06-17T20:50:23.507
Status              : Awaiting Analysis

Descriptions:

Unrestricted Upload of File with Dangerous Type vulnerability in ovatheme Ovatheme Events Manager allows Using Malicious Files. This issue affects Ovatheme Events Manager: from n/a through 1.7.5.


Know Exploitability

Exploitability : False

Vendor Affected

CVE-2025-32510

V4.0

V3.1

Score : 10.0
Severity : CRITICAL
Attack Vector : NETWORK
Attack Complexity : LOW
Privileges Required : NONE
User Interaction : NONE
Scope : CHANGED
Confidentiality Impact : HIGH
Integrity Impact : HIGH
Availability Impact : HIGH
Exploitability : 3.9
Impact Score : 6.0

V3.0

V2.0

References

https://patchstack.com/database/wordpress/plugin/ova-events-manager/vulnerability/wordpress-ovatheme-events-manager-plugin-1-7-5-arbitrary-file-upload-vulnerability?_s_id=cve

Vendor Product