EUVD-2021-34209

Malicious code in bioql PyPI...

CVE-2021-4382

The Recently plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the fetchexternalimage function in versions up to, and including, 3.0.4. This makes it possible for authenticated attackers to upload arbitrary files on the affected site's server whic...

CVE-2024-49218 WordPress Recently plugin <= 1.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in Al Imran Akash Recently recently-viewed-most-viewed-and-sold-products-for-woocommerce allows Object Injection.This issue affects Recently: from n/a through = 1.1...

WordPress Recently plugin <= 1.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by LVT-tholv2k Patchstack Alliance in WordPress Plugin Recently versions = 1.1...

CVE-2021-4382

The Recently plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the fetchexternalimage function in versions up to, and including, 3.0.4. This makes it possible for authenticated attackers to upload arbitrary files on the affected site's server whic...

CVE-2021-4382

The CVE-2021-4382 entry concerns the Recently plugin for WordPress. Affected component: fetch_external_image() in versions up to and including 3.0.4. Root cause: missing file type validation enables authenticated attackers to upload arbitrary files to the server. Impact: arbitrary file uploads wi...

WordPress Recently plugin <= 3.0.4 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Yu Iwama of Secure Sky Technology Inc. and the JPCERT/CC Vulnerability Coordination Group in WordPress Recently plugin versions = 3.0.4. Solution Update the WordPress Recently plugin to the latest available version at least...