Dreamstechnologies Doccure Core
2 CVEs affecting Dreamstechnologies Doccure Core. Latest disclosed: 2025-11-03. Critical: 2, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-8900 | Critical | 9.8 | 2025-11-03 | The Doccure Core plugin for WordPress is vulnerable to privilege escalation in versions up to, and excluding, 1.5.4. This is due to the plugin allowing users w… |
CVE-2025-9113 | Critical | 9.8 | 2025-09-08 | The Doccure Core plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'doccure_temp_upload_to_media' functio… |