๐Ÿ” CVE Alert

CVE-2025-69403

CRITICAL 9.9

WordPress Bravis Addons plugin <= 1.3.0 - Arbitrary File Upload vulnerability

CVSS Score
9.9
EPSS Score
0.0%
EPSS Percentile
0th

Unrestricted Upload of File with Dangerous Type vulnerability in Bravis-Themes Bravis Addons bravis-addons allows Using Malicious Files.This issue affects Bravis Addons: from n/a through <= 1.3.0.

CWE CWE-434
Vendor bravis-themes
Product bravis addons
Published Feb 20, 2026
Last Updated Apr 1, 2026
Stay Ahead of the Next One

Get instant alerts for bravis-themes bravis addons

Be the first to know when new critical vulnerabilities affecting bravis-themes bravis addons are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Bravis-Themes / Bravis Addons
0 โ‰ค 1.3.0

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
patchstack.com: https://patchstack.com/database/Wordpress/Plugin/bravis-addons/vulnerability/wordpress-bravis-addons-plugin-1-1-9-arbitrary-file-upload-vulnerability?_s_id=cve

Credits

Phat RiO | Patchstack Bug Bounty Program