Busiprof Web Shell Upload Risk: Unsecured File Upload

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Busiprof Web Shell Upload Risk: Unsecured File Upload

CVE-2026-39619

Summary

An attacker can upload malicious files to a Busiprof web server, potentially allowing them to take control of the server. This is a serious risk because it allows an attacker to execute arbitrary code. To protect your system, update Busiprof to a version 2.5.3 or later.

Original title

Cross-Site Request Forgery (CSRF) vulnerability in priyanshumittal Busiprof busiprof allows Upload a Web Shell to a Web Server.This issue affects Busiprof: from n/a through <= 2.5.2.

Original description

Cross-Site Request Forgery (CSRF) vulnerability in priyanshumittal Busiprof busiprof allows Upload a Web Shell to a Web Server.This issue affects Busiprof: from n/a through <= 2.5.2.

Vulnerability type

CWE-352 Cross-Site Request Forgery (CSRF)

https://patchstack.com/database/Wordpress/Theme/busiprof/vulnerability/wordpress...

Published: 8 Apr 2026 · Updated: 10 Apr 2026 · First seen: 8 Apr 2026