11 matches found
WordPress WP Import Export Lite plugin <= 3.9.29 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability
Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by Vincent Fourcade vinceMatsui in WordPress Plugin WP Import Export Lite versions = 3.9.29...
WordPress April Framework plugin <= 5.1 - Authenticated (Subscriber+) Arbitrary File Upload
Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by Lucio Sá in WordPress Plugin April Framework versions = 5.1...
WordPress Droip plugin < 2.5.2 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Foxyyy in WordPress Plugin Droip versions 2.5.2...
WordPress WPBookit plugin <= 1.0.6 - Unauthenticated Arbitrary File Upload via image_upload_handle Function vulnerability
Unauthenticated Arbitrary File Upload via imageuploadhandle Function vulnerability discovered by theviper17y in WordPress Plugin WPBookit versions = 1.0.6...
WordPress FoxyPress plugin <= 0.4.2.1 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by WordFence in WordPress Plugin Foxypress versions 0.4.2.2...
WordPress WPBookit plugin <= 1.0.4 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability
Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by theviper17y in WordPress Plugin WPBookit versions = 1.0.4...
WordPress BEAF plugin <= 4.6.10 - Arbitrary File Upload Vulnerability
Arbitrary File Upload Vulnerability discovered by Ryan Kozak in WordPress Plugin BEAF versions = 4.6.10...
WordPress PowerPress Podcasting <= 11.12.5 - Arbitrary File Upload Vulnerability
Arbitrary File Upload Vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin PowerPress Podcasting versions = 11.12.5...
WordPress Greenshift plugin 11.4-11.4.5 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability
Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by mikemyers in WordPress Plugin Greenshift versions 11.4-11.4.5...
WordPress Wordpress Plugin Smart Product Review plugin <= 1.0.4 - Unauthenticated Arbitrary File Upload vulnerability
Unauthenticated Arbitrary File Upload vulnerability discovered by Keyvan Hardani in WordPress Plugin Smart Product Review versions = 1.0.4...
CVE-2023-4300 Import XML and RSS Feeds < 2.1.4 - Admin+ Arbitrary File Upload
The Import XML and RSS Feeds WordPress plugin before 2.1.4 does not filter file extensions for uploaded files, allowing an attacker to upload a malicious PHP file, leading to Remote Code Execution...