Unrestricted File Upload Vulnerability in JP Students Result Management System by joy2012bd
CVE-2025-31916

9CRITICAL

Key Information:

Vendor: WordPress
Status: Jp Students Result Management System Premium
Vendor: CVE Published:; 23 May 2025

What is CVE-2025-31916?

The JP Students Result Management System Premium by joy2012bd is susceptible to an unrestricted file upload vulnerability. This flaw allows an attacker to upload malicious files, such as web shells, to the web server, potentially granting unauthorized access and control. Versions from 1.1.7 and later are affected, making it crucial for users to implement security measures to mitigate the risks associated with this vulnerability.

Affected Version(s)

JP Students Result Management System Premium 1.1.7

References

https://patchstack.com/database/wordpress/plugin/jp-stude...

vdb-entry

CVSS V3.1

Score:

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 23, 2025
Vulnerability Reserved
Apr 1, 2025

Credit

Cút lộn xào me (Patchstack Alliance)

WordPress

What is CVE-2025-31916?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit