18 matches found
EUVD-2015-9180
Malware in sbrugna...
EUVD-2014-1277
Malware in sbrugna...
EUVD-2015-9181
Malware in sbrugna...
CVE-2014-125110
A vulnerability has been found in wp-file-upload Plugin up to 2.4.3 on WordPress and classified as problematic. Affected by this vulnerability is the function wfuajaxactioncallback of the file lib/wfuajaxactions.php. The manipulation leads to cross site scripting. The attack can be launched...
CVE-2014-125110 wp-file-upload Plugin wfu_ajaxactions.php wfu_ajax_action_callback cross site scripting
A vulnerability has been found in wp-file-upload Plugin up to 2.4.3 on WordPress and classified as problematic. Affected by this vulnerability is the function wfuajaxactioncallback of the file lib/wfuajaxactions.php. The manipulation leads to cross site scripting. The attack can be launched...
WordPress plugin wp-file-upload 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2024-10552 · WordPress · Wp-File-Upload
Name of the Vulnerable Software and Affected Versions: wp-file-upload Plugin versions up to 2.4.3 Description: A vulnerability has been found in the wp-file-upload Plugin, which is classified as problematic. The issue affects the function wfu ajax action callback of the file lib/wfu...
WordPress wp-file-upload plugin code issue vulnerability
WordPress is a set of blogging platform developed by WordPress Foundation using PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wp-file-upload is a file upload plugin used in it. A code issue vulnerability exists in the WordPress wp-file-upload plugin,...
WordPress wp-file-upload plugin code issue vulnerability (CNVD-2019-30990)
WordPress is a set of blogging platform developed by WordPress Foundation using PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wp-file-upload is a file upload plugin used in it. A code issue vulnerability exists in the WordPress wp-file-upload plugin,...
WordPress wp-file-upload plugin code issue vulnerability (CNVD-2019-30984)
WordPress is a set of blogging platform developed by WordPress Foundation using PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. wp-file-upload is a file upload plugin used in it. There is a code issue vulnerability in the WordPress wp-file-upload plugi...
CVE-2015-9340
The wp-file-upload plugin before 3.0.0 for WordPress has insufficient restrictions on upload of php, js, pht, php3, php4, php5, phtml, htm, html, and htaccess files...
Design/Logic Flaw
The wp-file-upload plugin before 3.4.1 for WordPress has insufficient restrictions on upload of .php.js files...
CVE-2015-9338
CVE-2015-9338 affects the WordPress wp-file-upload plugin prior to version 2.5.0. The vulnerability arises from insufficient restrictions on uploading PHP files, allowing potentially harmful PHP uploads through the plugin. Affected product is the wp-file-upload plugin for WordPress; root cause is...
CVE-2015-9339
The wp-file-upload plugin before 2.7.1 for WordPress has insufficient restrictions on upload of .js files...
CVE-2015-9339
The CVE-2015-9339 entry concerns the WordPress wp-file-upload plugin, affected up to versions prior to 2.7.1. The root cause described across connected sources is insufficient restrictions on uploading JavaScript (.js) files. Exploitation details or real-world impact are not provided in the docum...
CVE-2015-9340
The CVE-2015-9340 entry refers to the WordPress wp-file-upload plugin prior to 3.0.0, which has insufficient restrictions on uploading PHP, JS, and related script/markup files (php5, phtml, html, htaccess, etc.). The connected Red Hat, CNVD/CVE, CVE records and WPVulnDB entry corroborate this iss...
CVE-2015-9341
The CVE-2015-9341 entry concerns the WordPress wp-file-upload plugin. Affected component: wp-file-upload plugin for WordPress (versions prior to 3.4.1). Root cause: insufficient restrictions on uploads of .php.js files, enabling potentially executable payloads via file upload. Documented impact: ...
CVE-2014-5199
CVE-2014-5199 is a CSRF vulnerability in the WordPress File Upload plugin (wp-file-upload) for WordPress, affecting versions before 2.4.2. The issue allows remote attackers to hijack the administrator’s authentication for requests that change plugin settings via unspecified vectors. Root cause is...