API Security Blog

PT-2025-31602 · WordPress · Berqwp

Name of the Vulnerable Software and Affected Versions: BerqWP – Automated All-In-One Page Speed Optimization for Core Web Vitals, Cache, CDN, Images, CSS, and JavaScript plugin for WordPress versions through 2.2.42

Description: The BerqWP plugin for WordPress is susceptible to arbitrary file uploads due to insufficient file type validation. This flaw resides in the store javascript cache.php file and allows unauthenticated attackers to upload arbitrary files to the server, potentially leading to remote code execution.

Recommendations: Update the BerqWP plugin to a version beyond…
