Perfree: community verdicts
4 notable / known-exploited Perfree CVEs the community has triaged.
ⓘ Not an exhaustive list: we focus on the findings that matter (exploited / notable). For every Perfree CVE, see NVD ↗.
- CVE-2025-60729MED 5.3EPSS 0%
PerfreeBlog v4.0.11 has an arbitrary file read vulnerability in the validThemeFilePath function
- CVE-2025-60730HIGH 7.6Real · low riskEPSS 0%
PerfreeBlog v4.0.11 has an arbitrary file deletion vulnerability in the unInstallTheme function
- CVE-2025-60731HIGH 7.6Real · low riskEPSS 0%
PerfreeBlog v4.0.11 has a File Upload vulnerability in the installTheme function
- CVE-2025-60735HIGH 7.6Real · low riskEPSS 0%
PerfreeBlog v4.0.11 has a File Upload vulnerability in the installPlugin function