Lucene search
K

6 matches found

EUVD
EUVD
added 2026/05/10 3:31 p.m.20 views

EUVD-2021-34795

WordPress MStore API 2.0.6 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the REST API endpoint. Attackers can upload PHP files with arbitrary names to the configfile endpoint to achieve remote code...

9.8CVSS6.5AI score0.00587EPSS
Exploits0References4
NVD
NVD
added 2026/05/10 1:16 p.m.17 views

CVE-2021-47933

WordPress MStore API 2.0.6 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the REST API endpoint. Attackers can upload PHP files with arbitrary names to the configfile endpoint to achieve remote code...

9.8CVSS0.00587EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/05/10 12:43 p.m.10 views

CVE-2021-47933

WordPress MStore API 2.0.6 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the REST API endpoint. Attackers can upload PHP files with arbitrary names to the configfile endpoint to achieve remote code...

9.8CVSS6.5AI score0.00587EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2026/05/10 12:43 p.m.38 views

CVE-2021-47933 WordPress MStore API 2.0.6 Arbitrary File Upload

WordPress MStore API 2.0.6 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload malicious files by sending POST requests to the REST API endpoint. Attackers can upload PHP files with arbitrary names to the configfile endpoint to achieve remote code...

9.8CVSS0.00587EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/05/10 12:0 a.m.8 views

WordPress plugin MStore API 访问控制错误漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

9.8CVSS6.3AI score0.00587EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2021/04/07 12:0 a.m.4 views

PT-2021-14682 · Jenkins · Jenkins

Name of the Vulnerable Software and Affected Versions: Jenkins versions 2.286 and earlier Jenkins LTS versions 2.277.1 and earlier Description: The issue arises from the lack of validation of the type of object created after loading data submitted to the "config.xml" REST API endpoint of a node...

4.3CVSS4.3AI score0.02725EPSS
Exploits0References10
Rows per page
Query Builder