12 matches found
EUVD-2021-21275
Malware in sbrugna...
EUVD-2021-21277
Malware in sbrugna...
WordPress Access Control Error Vulnerability (CNVD-2021-52425)
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. An access control error vulnerability exists in WordPress plugin WP Upload Restriction 2.2.3 and...
CVE-2021-34626
A vulnerability in the deleteCustomType function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to delete custom extensions added by administrators. This issue affects versions 2.2.3 and prior...
CVE-2021-34627
A vulnerability in the getSelectedMimeTypesByRole function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to view custom extensions added by administrators. This issue affects versions 2.2.3 and prior...
CVE-2021-34625
A vulnerability in the saveCustomType function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to inject arbitrary web scripts. This issue affects versions 2.2.3 and prior...
Design/Logic Flaw
A vulnerability in the saveCustomType function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to inject arbitrary web scripts. This issue affects versions 2.2.3 and prior...
CVE-2021-34625
The CVE-2021-34625 issue affects the WordPress WP Upload Restriction plugin (versions
CVE-2021-34625 WP Upload Restriction <= 2.2.3 - Authenticated Stored Cross-Site Scripting
A vulnerability in the saveCustomType function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to inject arbitrary web scripts. This issue affects versions 2.2.3 and prior...
CVE-2021-34627
The CVE refers to WP Upload Restriction WordPress plugin vulnerability in getSelectedMimeTypesByRole, affecting versions 2.2.3 and earlier. The issue allows a low‑level authenticated user to view custom extensions added by administrators, indicating an access‑control weakness in the role/ mime-ty...
CVE-2021-34627 WP Upload Restriction <= 2.2.3 - Missing Access Control in getSelectedMimeTypesByRole function
A vulnerability in the getSelectedMimeTypesByRole function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to view custom extensions added by administrators. This issue affects versions 2.2.3 and prior...
CVE-2021-34626
The CVE-2021-34626 issue affects the WordPress plugin WP Upload Restriction , specifically versions 2.2.3 and prior . The root cause is a missing access control in the deleteCustomType function, allowing low‑level authenticated users to delete custom extensions added by administrators. Documented...