6 matches found
CVE-2021-4225
creationtimestamp| type| source ---|---|--- 2022-04-25 20:42:18+00:00| seen| https://t.me/cibsecurity/41410...
CVE-2021-4225
The SP Project & Document Manager WordPress plugin before 4.24 allows any authenticated users, such as subscribers, to upload files. The plugin attempts to prevent PHP and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovere...
CVE-2021-4225
The SP Project & Document Manager WordPress plugin before 4.24 allows any authenticated users, such as subscribers, to upload files. The plugin attempts to prevent PHP and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovere...
CVE-2021-4225
The SP Project & Document Manager WordPress plugin before 4.24 allows any authenticated users, such as subscribers, to upload files. The plugin attempts to prevent PHP and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovere...
CVE-2021-4225 SP Project & Document Manager < 4.24 - Subscriber+ Shell Upload
The SP Project & Document Manager WordPress plugin before 4.24 allows any authenticated users, such as subscribers, to upload files. The plugin attempts to prevent PHP and other similar files that could be executed on the server from being uploaded by checking the file extension. It was discovere...
CVE-2021-4225
The CVE concerns the SP Project & Document Manager WordPress plugin (pre-4.24). The issue arises in the file-upload feature, where authentication is not restricted and users such as subscribers can upload files. The vendor’s extension-based checks are intended to block executable PHP or similar f...