Vulnerability Details CVE-2025-29281
In PerfreeBlog version 4.0.11, regular users can exploit the arbitrary file upload vulnerability in the attach component to upload arbitrary files and execute code within them.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.5%
CVSS Severity
CVSS v3 Score 8.8
References
Products affected by CVE-2025-29281
-
cpe:2.3:a:perfree:perfreeblog:4.0.11