CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

22 matches found

RedhatCVE•added 2026/05/26 2:12 a.m.•12 views

CVE-2021-47965

WordPress Plugin WP Super Edit 2.5.4 and earlier contains an unrestricted file upload vulnerability in the FCKeditor component that allows attackers to upload dangerous file types without validation. Attackers can upload arbitrary files through the filemanager upload endpoint to achieve remote co...

9.8CVSS6.5AI score0.00576EPSS

Exploits0References1

NVD•added 2026/05/15 7:16 p.m.•10 views

CVE-2021-47965

9.8CVSS0.00576EPSS

Exploits0References4

Vulnrichment•added 2026/05/15 6:36 p.m.•9 views

CVE-2021-47965 WordPress Plugin WP Super Edit 2.5.4 Unrestricted File Upload

9.8CVSS6.5AI score0.00576EPSS

Exploits0References4

ATTACKERKB•added 2026/05/15 6:36 p.m.•4 views

CVE-2021-47965

9.8CVSS6.5AI score0.00576EPSS

Exploits0References4

CVE•added 2026/05/15 6:36 p.m.•13 views

CVE-2021-47965

CVE-2021-47965 affects WordPress plugin WP Super Edit (versions up to 2.5.4) and involves an unrestricted file upload in the FCKeditor component. The vulnerability allows uploading arbitrary files via the filemanager upload endpoint, enabling remote code execution and complete system compromise. ...

9.8CVSS6.5AI score0.00576EPSS

Exploits0References4

Cvelist•added 2026/05/15 6:36 p.m.•32 views

CVE-2021-47965 WordPress Plugin WP Super Edit 2.5.4 Unrestricted File Upload

9.8CVSS0.00576EPSS

Exploits0References4

EUVD•added 2026/05/15 6:36 p.m.•10 views

EUVD-2021-34820

9.8CVSS6.5AI score0.00576EPSS

Exploits0References4

Positive Technologies•added 2026/05/15 12:0 a.m.•10 views

PT-2026-41344

Name of the Vulnerable Software and Affected Versions WP Super Edit versions 2.5.4 and earlier Description The FCKeditor component contains an unrestricted file upload flaw. Attackers can upload arbitrary and dangerous file types without validation through the 'filemanager upload' endpoint, which...

9.8CVSS6.5AI score0.00576EPSS

Exploits0References6

CNNVD•added 2026/05/15 12:0 a.m.•7 views

WordPress plugin WP Super Edit 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.8CVSS5.9AI score0.00576EPSS

Exploits0References1

RedhatCVE•added 2025/10/23 3:14 p.m.•3 views

CVE-2025-49948

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ahmad Awais WP Super Edit wp-super-edit allows Reflected XSS.This issue affects WP Super Edit: from n/a through = 2.5.4...

7.1CVSS6.4AI score0.00283EPSS

Exploits0References1

EUVD•added 2025/10/22 3:31 p.m.•3 views

EUVD-2025-35513

5.9AI score0.00283EPSS

Exploits0References2

CVE•added 2025/10/22 2:32 p.m.•5 views

CVE-2025-49948

CVE-2025-49948 affects the WordPress plugin WP Super Edit (component: wp-super-edit). Connected sources confirm an XSS vulnerability caused by improper neutralization/validation of input during web page generation, enabling reflected XSS in versions up to and including 2.5.4. The issue is describ...

7.1CVSS6AI score0.00283EPSS

Exploits0References1

Cvelist•added 2025/10/22 2:32 p.m.•8 views

CVE-2025-49948 WordPress WP Super Edit plugin <= 2.5.4 - Cross Site Scripting (XSS) Vulnerability

7.1CVSS0.00283EPSS

Exploits0References1

Vulnrichment•added 2025/10/22 2:32 p.m.•2 views

CVE-2025-49948 WordPress WP Super Edit plugin <= 2.5.4 - Cross Site Scripting (XSS) Vulnerability

7.1CVSS6AI score0.00283EPSS

Exploits0References1

CNNVD•added 2025/10/22 12:0 a.m.•3 views

WordPress plugin WP Super Edit 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...

7.1CVSS6AI score0.00283EPSS

Exploits0References1

Patchstack•added 2025/07/09 4:10 p.m.•5 views

WordPress WP Super Edit plugin <= 2.5.4 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin WP Super Edit versions = 2.5.4...

7.1CVSS6.2AI score0.00283EPSS

Exploits0Affected Software1

Packet Storm•added 2021/05/06 12:0 a.m.•143 views

WordPress WP Super Edit 2.5.4 Arbitrary File Upload

Title: Wordpress Plugin WP Super Edit 2.5.4 - Remote File Upload Author: h4shur date: 2021-05-06 Vendor Homepage: https://wordpress.org Software Link: https://wordpress.org/plugins/wp-super-edit/ Version : 2.5.4 and earlier Tested on: Windows 10 & Google Chrome Category : Web Application Bugs Dor...

7.4AI score

Exploits0

Exploit DB•added 2021/05/06 12:0 a.m.•184 views

Wordpress Plugin WP Super Edit 2.5.4 - Remote File Upload

7AI score

Exploits0

WPVulnDB•added 2014/08/01 10:58 a.m.•6 views

Monsters Editor - Arbitrary File Upload

The Monsters Editor for WP Super Edit WordPress plugin was affected by an Arbitrary File Upload security vulnerability...

3.4AI score

Exploits0References1Affected Software1

Patchstack•added 2012/08/22 12:0 a.m.•8 views

WordPress Monsters Editor for WP Super Edit Plugin - Arbitrary File Upload

WordPress Monsters Editor for WP Super Edit plugin is prone to an arbitrary file upload vulnerability. It allows an attacker to upload arbitrary PHP code and run it in the context of the Web server process. This may facilitate unauthorized access or privilege escalation. Solution Update the plugi...

4.3AI score

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by