Flex Qr Code Generator

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:ajitdas:flex_qr_code_generator:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorAjitdas (2b39704c-8812-58b2-8909-308355da690d)
ProductFlex Qr Code Generator (0a96eb00-08d0-5fee-b47b-4697bd6026ad)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2025-12673 vulnerable 2026-06-08 07:04:30.632480 Flex QR Code Generator <= 1.2.7 - Unauthenticated Arbitrary File Upload
CRITICAL (9.8)
The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the update_qr_code() function in all versions up to, and including, 1.2.7. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Published: 2025-12-06T05:49:25.910Z
Updated: 2026-04-08T16:47:41.398Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2025-10041 vulnerable 2026-06-08 07:02:26.209177 Flex QR Code Generator <= 1.2.5 - Unauthenticated Arbitrary File Upload
CRITICAL (9.8)
The Flex QR Code Generator plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in thesave_qr_code_to_db() function in all versions up to, and including, 1.2.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
Published: 2025-10-15T08:25:54.047Z
Updated: 2026-04-08T16:48:20.408Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.