3 matches found
CVE-2021-4382 Recently <= 3.0.4 - Arbitrary File Upload to Remote Code Exectution
The Recently plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the fetchexternalimage function in versions up to, and including, 3.0.4. This makes it possible for authenticated attackers to upload arbitrary files on the affected site's server whic...
CVE-2021-4382 Recently <= 3.0.4 - Arbitrary File Upload to Remote Code Exectution
The Recently plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the fetchexternalimage function in versions up to, and including, 3.0.4. This makes it possible for authenticated attackers to upload arbitrary files on the affected site's server whic...
CVE-2021-4382
The CVE-2021-4382 entry concerns the Recently plugin for WordPress. Affected component: fetch_external_image() in versions up to and including 3.0.4. Root cause: missing file type validation enables authenticated attackers to upload arbitrary files to the server. Impact: arbitrary file uploads wi...