CVE-2024-49218

Deserialization of Untrusted Data vulnerability in Al Imran Akash Recently allows Object Injection.This issue affects Recently: from n/a through 1.1.

CVE-2021-4382

The Recently plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the fetch_external_image() function in versions up to, and including, 3.0.4. This makes it possible for authenticated attackers to upload arbitrary files on the affected site's server wh...