Show filters
26 Total Results
Displaying 21-26 of 26
Sort by:
Attacker Value
Unknown
CVE-2015-9339
Disclosure Date: August 22, 2019 (last updated November 27, 2024)
The wp-file-upload plugin before 2.7.1 for WordPress has insufficient restrictions on upload of .js files.
0
Attacker Value
Unknown
CVE-2015-9338
Disclosure Date: August 22, 2019 (last updated November 27, 2024)
The wp-file-upload plugin before 2.5.0 for WordPress has insufficient restrictions on upload of .php files.
0
Attacker Value
Unknown
CVE-2015-9341
Disclosure Date: August 22, 2019 (last updated November 27, 2024)
The wp-file-upload plugin before 3.4.1 for WordPress has insufficient restrictions on upload of .php.js files.
0
Attacker Value
Unknown
CVE-2018-9844
Disclosure Date: April 07, 2018 (last updated November 26, 2024)
The Iptanus WordPress File Upload plugin before 4.3.4 for WordPress mishandles Settings attributes, leading to XSS.
0
Attacker Value
Unknown
CVE-2018-9172
Disclosure Date: April 01, 2018 (last updated November 26, 2024)
The Iptanus WordPress File Upload plugin before 4.3.3 for WordPress mishandles shortcode attributes.
0
Attacker Value
Unknown
CVE-2014-5199
Disclosure Date: August 12, 2014 (last updated October 05, 2023)
Cross-site request forgery (CSRF) vulnerability in the WordPress File Upload plugin (wp-file-upload) before 2.4.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. NOTE: some of these details are obtained from third party information.
0
