Vulnerability Details CVE-2025-29281
In PerfreeBlog version 4.0.11, regular users can exploit the arbitrary file upload vulnerability in the attach component to upload arbitrary files and execute code within them.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 31.0%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2025-29281
-
cpe:2.3:a:perfree:perfreeblog:4.0.11