Vulnerability Details CVE-2025-29281
In PerfreeBlog version 4.0.11, regular users can exploit the arbitrary file upload vulnerability in the attach component to upload arbitrary files and execute code within them.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.006
EPSS Ranking 42.8%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2025-29281
-
cpe:2.3:a:perfree:perfreeblog:4.0.11