CVE-2012-10064

Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. The /wp-content/plugins/omni-secure-files/plupload/examples/upload.php handler allows unauthenticated uploads without enforcing safe file type restrictions,...

CVE-2012-10064

Omni Secure Files WordPress plugin versions before 0.1.14 contain an unauthenticated arbitrary file upload vulnerability in the bundled plupload example endpoint (upload.php). The handler does not enforce safe file type restrictions, allowing attacker-controlled files to be uploaded to the plugin...

PT-2026-3315

Omni Secure Files plugin versions prior to 0.1.14 contain an arbitrary file upload vulnerability in the bundled plupload example endpoint. The /wp-content/plugins/omni-secure-files/plupload/examples/upload.php handler allows unauthenticated uploads without enforcing safe file type restrictions,...

CVE-2025-15109

A flaw has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. This impacts an unknown function of the file Public/javascripts/admin/plupload-2.1.2/examples/upload.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit h...

CVE-2025-15109 jackq XCMS upload.php unrestricted upload

A flaw has been found in jackq XCMS up to 3fab5342cc509945a7ce1b8ec39d19f701b89261. This impacts an unknown function of the file Public/javascripts/admin/plupload-2.1.2/examples/upload.php. This manipulation causes unrestricted upload. It is possible to initiate the attack remotely. The exploit h...

XCMS 代码问题漏洞

XCMS is a CMS website builder system by JackQ individual developers. A code issue vulnerability exists in XCMS, which stems from an incorrect operation of the file Public/javascripts/admin/plupload-2.1.2/examples/upload.php, which could lead to unlimited uploads...