CVE-2026-25005

Authorization Bypass Through User-Controlled Key vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through = 23.5...

CVE-2025-64265 WordPress Frontend File Manager plugin <= 23.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through = 23.2...

EUVD-2025-9105

Malicious code in bioql PyPI...

CVE-2025-30613

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in N-Media Nmedia MailChimp nmedia-mailchimp-widget allows Stored XSS.This issue affects Nmedia MailChimp: from n/a through = 5.4...

CVE-2025-30613 WordPress Nmedia MailChimp plugin <= 5.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in N-Media Nmedia MailChimp nmedia-mailchimp-widget allows Stored XSS.This issue affects Nmedia MailChimp: from n/a through = 5.4...

CVE-2025-30613 WordPress Nmedia MailChimp plugin <= 5.4 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in N-Media Nmedia MailChimp nmedia-mailchimp-widget allows Stored XSS.This issue affects Nmedia MailChimp: from n/a through = 5.4...

CVE-2025-30613

CVE-2025-30613 is a Stored XSS in N-Media MailChimp Subscription (Nmedia MailChimp) affecting versions up to 5.4; root cause: improper input neutralization during web page generation. CVSS 3.1 base 6.5 (NETWORK, LOW=AV, UI:R). No remediation details or exploitation status provided in the documents.

WordPress plugin Nmedia MailChimp 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

PT-2025-14040 · Unknown · Nmedia Mailchimp

Name of the Vulnerable Software and Affected Versions: Nmedia MailChimp versions n/a through 5.4 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means an attacker can inject malicio...

WordPress Nmedia MailChimp plugin <= 5.4 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nguyen Thi Huyen Trang - Skalucy in WordPress Plugin Nmedia MailChimp versions = 5.4...

WordPress Plugin Nmedia WordPress Member Conversation 1.35.0 - doupload.php Arbitrary File Upload

WordPress Plugin Nmedia WordPress Member Conversation 1.35.0 - doupload.php Arbitrary File Upload source: https://www.securityfocus.com/bid/53790/info The Nmedia WordPress Member Conversation plug-in for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue...

WordPress Plugin Nmedia WordPress Member Conversation 1.35.0 - &#039;doupload.php&#039; Arbitrary File Upload

source: https://www.securityfocus.com/bid/53790/info The Nmedia WordPress Member Conversation plug-in for WordPress is prone to a vulnerability that lets attackers upload arbitrary files. The issue occurs because the application fails to adequately sanitize user-supplied input. An attacker can...

WordPress Nmedia MailChimp Plugin <= 3.1 - XSS

This plugin is prone to a cross site scripting vulnerability in apimailchimp/postToMailChimp.php abspath parameter. Solution Update the plugin...

WordPress Nmedia Users File Uploader Plugin Arbitrary File Upload Vulnerability

WordPress Nmedia Users File Uploader Plugin is prone to file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

WordPress Nmedia Member Conversation Plugin Arbitrary File Upload Vulnerability

WordPress Nmedia Member Conversation Plugin is prone to file upload vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2012-3577

Unrestricted file upload vulnerability in doupload.php in the Nmedia Member Conversation plugin before 1.4 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in...

Unrestricted file upload

Unrestricted file upload vulnerability in doupload.php in the Nmedia Member Conversation plugin before 1.4 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in...

CVE-2012-3577

Unrestricted file upload vulnerability in doupload.php in the Nmedia Member Conversation plugin before 1.4 for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in...

CVE-2012-3577

The CVE-2012-3577 issue affects the WordPress N‑Media Member Conversation plugin prior to version 1.4. It is an unrestricted file upload in doupload.php that lets remote attackers upload a file with an executable extension and access it at wp-content/uploads/user_uploads, enabling arbitrary code ...

WordPress Nmedia WP Member Conversation 1.35.0 Shell Upload

Description : Wordpress Plugins - Nmedia WordPress Member Conversation Shell Upload Vulnerability Version : 1.35.0 Link : http://wordpress.org/extend/plugins/wordpress-member-private-conversation/ Plugins : http://downloads.wordpress.org/plugin/wordpress-member-private-conversation.1.3.zip Date :...