Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
12 vulnerabilities found for WordPress File Upload by Unknown
CVE-2024-6494 (GCVE-0-2024-6494)
Vulnerability from cvelistv5 – Published: 2024-08-07 06:00 – Updated: 2024-08-07 13:11
VLAI
Title
WordPress File Upload < 4.24.8 - Unauthenticated Stored XSS
Summary
The WordPress File Upload WordPress plugin before 4.24.8 does not properly sanitize and escape certain parameters, which could allow unauthenticated users to execute stored cross-site scripting (XSS) attacks.
Severity
6.1 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/5b21a9be-b5fe-47… | exploitvdb-entrytechnical-description |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | WordPress File Upload |
Affected:
0 , < 4.24.8
(semver)
|
|
| wordpress_file_upload_project | wordpress_file_upload |
Affected:
0 , < 4.24.8
(custom)
cpe:2.3:a:wordpress_file_upload_project:wordpress_file_upload:*:-:-:*:-:wordpress:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wordpress_file_upload_project:wordpress_file_upload:*:-:-:*:-:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "wordpress_file_upload",
"vendor": "wordpress_file_upload_project",
"versions": [
{
"lessThan": "4.24.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-6494",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T13:09:41.973179Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T13:11:42.671Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WordPress File Upload",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.24.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Majdeddine Ben Hadj Brahim"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WordPress File Upload WordPress plugin before 4.24.8 does not properly sanitize and escape certain parameters, which could allow unauthenticated users to execute stored cross-site scripting (XSS) attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T06:00:06.219Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/5b21a9be-b5fe-47ef-91c7-018dd42f763f/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress File Upload \u003c 4.24.8 - Unauthenticated Stored XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-6494",
"datePublished": "2024-08-07T06:00:06.219Z",
"dateReserved": "2024-07-03T19:37:49.194Z",
"dateUpdated": "2024-08-07T13:11:42.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6651 (GCVE-0-2024-6651)
Vulnerability from cvelistv5 – Published: 2024-08-06 06:00 – Updated: 2024-08-06 14:52
VLAI
Title
WordPress File Upload < 4.24.8 - Reflected XSS
Summary
The WordPress File Upload WordPress plugin before 4.24.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Severity
6.1 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/65e2c77d-09bd-4a… | exploitvdb-entrytechnical-description |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | WordPress File Upload |
Affected:
0 , < 4.24.8
(semver)
|
|
| wordpress_file_upload_project | wordpress_file_upload |
Affected:
0 , < 4.24.8
(semver)
cpe:2.3:a:wordpress_file_upload_project:wordpress_file_upload:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wordpress_file_upload_project:wordpress_file_upload:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wordpress_file_upload",
"vendor": "wordpress_file_upload_project",
"versions": [
{
"lessThan": "4.24.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-6651",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-06T14:06:43.147759Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T14:52:56.919Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WordPress File Upload",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.24.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u0110\u1ee9c T\u00e0i"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WordPress File Upload WordPress plugin before 4.24.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T06:00:02.684Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/65e2c77d-09bd-4a44-81d9-d7a5db0e0f84/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress File Upload \u003c 4.24.8 - Reflected XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-6651",
"datePublished": "2024-08-06T06:00:02.684Z",
"dateReserved": "2024-07-10T12:38:13.665Z",
"dateUpdated": "2024-08-06T14:52:56.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4811 (GCVE-0-2023-4811)
Vulnerability from cvelistv5 – Published: 2023-10-16 19:39 – Updated: 2025-04-23 16:11
VLAI
Title
WordPress File Upload < 4.23.3 - Author+ Stored Cross-Site Scripting
Summary
The WordPress File Upload WordPress plugin before 4.23.3 does not sanitise and escape some of its settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks.
Severity
5.4 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/7f9271f2-4de4-4b… | exploitvdb-entrytechnical-description |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | WordPress File Upload |
Affected:
0 , < 4.23.3
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:38:00.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/7f9271f2-4de4-4be3-8746-2a3f149eb1d1"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-4811",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T16:06:35.966694Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:11:48.850Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "WordPress File Upload",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.23.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "FAIYAZ AHMAD"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WordPress File Upload WordPress plugin before 4.23.3 does not sanitise and escape some of its settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-16T19:39:16.639Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/7f9271f2-4de4-4be3-8746-2a3f149eb1d1"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress File Upload \u003c 4.23.3 - Author+ Stored Cross-Site Scripting",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2023-4811",
"datePublished": "2023-10-16T19:39:16.639Z",
"dateReserved": "2023-09-06T17:50:46.748Z",
"dateUpdated": "2025-04-23T16:11:48.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24962 (GCVE-0-2021-24962)
Vulnerability from cvelistv5 – Published: 2022-03-28 17:21 – Updated: 2024-08-03 19:49
VLAI
Title
WordPress File Upload < 4.16.3 - Contributor+ Path Traversal to RCE
Summary
The WordPress File Upload Free and Pro WordPress plugins before 4.16.3 allow users with a role as low as Contributor to perform path traversal via a shortcode argument, which can then be used to upload a PHP code disguised as an image inside the auto-loaded directory of the plugin, resulting in arbitrary code execution.
Severity
No CVSS data available.
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://plugins.trac.wordpress.org/changeset/2677722 | x_refsource_CONFIRM |
| https://wpscan.com/vulnerability/7a95b3f2-285e-40… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | WordPress File Upload |
Affected:
4.16.3 , < 4.16.3
(custom)
|
|
| Unknown | WordPress File Upload Pro |
Affected:
4.16.3 , < 4.16.3
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:49:14.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/7a95b3f2-285e-40e3-aead-41932c207623"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WordPress File Upload",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.16.3",
"status": "affected",
"version": "4.16.3",
"versionType": "custom"
}
]
},
{
"product": "WordPress File Upload Pro",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.16.3",
"status": "affected",
"version": "4.16.3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "apple502j"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WordPress File Upload Free and Pro WordPress plugins before 4.16.3 allow users with a role as low as Contributor to perform path traversal via a shortcode argument, which can then be used to upload a PHP code disguised as an image inside the auto-loaded directory of the plugin, resulting in arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-28T17:21:01.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/7a95b3f2-285e-40e3-aead-41932c207623"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress File Upload \u003c 4.16.3 - Contributor+ Path Traversal to RCE",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24962",
"STATE": "PUBLIC",
"TITLE": "WordPress File Upload \u003c 4.16.3 - Contributor+ Path Traversal to RCE"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WordPress File Upload",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.16.3",
"version_value": "4.16.3"
}
]
}
},
{
"product_name": "WordPress File Upload Pro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.16.3",
"version_value": "4.16.3"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "apple502j"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WordPress File Upload Free and Pro WordPress plugins before 4.16.3 allow users with a role as low as Contributor to perform path traversal via a shortcode argument, which can then be used to upload a PHP code disguised as an image inside the auto-loaded directory of the plugin, resulting in arbitrary code execution."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://plugins.trac.wordpress.org/changeset/2677722",
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
},
{
"name": "https://wpscan.com/vulnerability/7a95b3f2-285e-40e3-aead-41932c207623",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/7a95b3f2-285e-40e3-aead-41932c207623"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24962",
"datePublished": "2022-03-28T17:21:01.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:49:14.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24961 (GCVE-0-2021-24961)
Vulnerability from cvelistv5 – Published: 2022-03-07 08:16 – Updated: 2024-08-03 19:49
VLAI
Title
WordPress File Upload < 4.16.3 - Contributor+ Stored Cross-Site Scripting via Shortcode
Summary
The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 does not escape some of its shortcode argument, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks
Severity
No CVSS data available.
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://plugins.trac.wordpress.org/changeset/2677722 | x_refsource_CONFIRM |
| https://wpscan.com/vulnerability/c911bbbd-0196-4e… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | WordPress File Upload |
Affected:
4.16.3 , < 4.16.3
(custom)
|
|
| Unknown | wordpress-file-upload-pro |
Affected:
4.16.3 , < 4.16.3
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:49:14.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/c911bbbd-0196-4e3d-ada3-4efb8a339954"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WordPress File Upload",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.16.3",
"status": "affected",
"version": "4.16.3",
"versionType": "custom"
}
]
},
{
"product": "wordpress-file-upload-pro",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.16.3",
"status": "affected",
"version": "4.16.3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "apple502j"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 does not escape some of its shortcode argument, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T08:16:12.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/c911bbbd-0196-4e3d-ada3-4efb8a339954"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress File Upload \u003c 4.16.3 - Contributor+ Stored Cross-Site Scripting via Shortcode",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24961",
"STATE": "PUBLIC",
"TITLE": "WordPress File Upload \u003c 4.16.3 - Contributor+ Stored Cross-Site Scripting via Shortcode"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WordPress File Upload",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.16.3",
"version_value": "4.16.3"
}
]
}
},
{
"product_name": "wordpress-file-upload-pro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.16.3",
"version_value": "4.16.3"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "apple502j"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 does not escape some of its shortcode argument, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://plugins.trac.wordpress.org/changeset/2677722",
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
},
{
"name": "https://wpscan.com/vulnerability/c911bbbd-0196-4e3d-ada3-4efb8a339954",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/c911bbbd-0196-4e3d-ada3-4efb8a339954"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24961",
"datePublished": "2022-03-07T08:16:12.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:49:14.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24960 (GCVE-0-2021-24960)
Vulnerability from cvelistv5 – Published: 2022-03-07 08:16 – Updated: 2024-08-03 19:49
VLAI
Title
WordPress File Upload < 4.16.3 - Contributor+ Stored Cross-Site Scripting via Malicious SVG
Summary
The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 allows users with a role as low as Contributor to configure the upload form in a way that allows uploading of SVG files, which could be then be used for Cross-Site Scripting attacks
Severity
No CVSS data available.
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/18902832-2973-49… | x_refsource_MISC |
| https://plugins.trac.wordpress.org/changeset/2677722 | x_refsource_CONFIRM |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | WordPress File Upload |
Affected:
4.16.3 , < 4.16.3
(custom)
|
|
| Unknown | wordpress-file-upload-pro |
Affected:
4.16.3 , < 4.16.3
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:49:13.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/18902832-2973-498d-808e-c75d1aedc11e"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WordPress File Upload",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.16.3",
"status": "affected",
"version": "4.16.3",
"versionType": "custom"
}
]
},
{
"product": "wordpress-file-upload-pro",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.16.3",
"status": "affected",
"version": "4.16.3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "apple502j"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 allows users with a role as low as Contributor to configure the upload form in a way that allows uploading of SVG files, which could be then be used for Cross-Site Scripting attacks"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T08:16:10.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/18902832-2973-498d-808e-c75d1aedc11e"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress File Upload \u003c 4.16.3 - Contributor+ Stored Cross-Site Scripting via Malicious SVG",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24960",
"STATE": "PUBLIC",
"TITLE": "WordPress File Upload \u003c 4.16.3 - Contributor+ Stored Cross-Site Scripting via Malicious SVG"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WordPress File Upload",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.16.3",
"version_value": "4.16.3"
}
]
}
},
{
"product_name": "wordpress-file-upload-pro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.16.3",
"version_value": "4.16.3"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "apple502j"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 allows users with a role as low as Contributor to configure the upload form in a way that allows uploading of SVG files, which could be then be used for Cross-Site Scripting attacks"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/18902832-2973-498d-808e-c75d1aedc11e",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/18902832-2973-498d-808e-c75d1aedc11e"
},
{
"name": "https://plugins.trac.wordpress.org/changeset/2677722",
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24960",
"datePublished": "2022-03-07T08:16:10.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:49:13.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6494 (GCVE-0-2024-6494)
Vulnerability from nvd – Published: 2024-08-07 06:00 – Updated: 2024-08-07 13:11
VLAI
Title
WordPress File Upload < 4.24.8 - Unauthenticated Stored XSS
Summary
The WordPress File Upload WordPress plugin before 4.24.8 does not properly sanitize and escape certain parameters, which could allow unauthenticated users to execute stored cross-site scripting (XSS) attacks.
Severity
6.1 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/5b21a9be-b5fe-47… | exploitvdb-entrytechnical-description |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | WordPress File Upload |
Affected:
0 , < 4.24.8
(semver)
|
|
| wordpress_file_upload_project | wordpress_file_upload |
Affected:
0 , < 4.24.8
(custom)
cpe:2.3:a:wordpress_file_upload_project:wordpress_file_upload:*:-:-:*:-:wordpress:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wordpress_file_upload_project:wordpress_file_upload:*:-:-:*:-:wordpress:*:*"
],
"defaultStatus": "unknown",
"product": "wordpress_file_upload",
"vendor": "wordpress_file_upload_project",
"versions": [
{
"lessThan": "4.24.8",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-6494",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T13:09:41.973179Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T13:11:42.671Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WordPress File Upload",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.24.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Majdeddine Ben Hadj Brahim"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WordPress File Upload WordPress plugin before 4.24.8 does not properly sanitize and escape certain parameters, which could allow unauthenticated users to execute stored cross-site scripting (XSS) attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T06:00:06.219Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/5b21a9be-b5fe-47ef-91c7-018dd42f763f/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress File Upload \u003c 4.24.8 - Unauthenticated Stored XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-6494",
"datePublished": "2024-08-07T06:00:06.219Z",
"dateReserved": "2024-07-03T19:37:49.194Z",
"dateUpdated": "2024-08-07T13:11:42.671Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-6651 (GCVE-0-2024-6651)
Vulnerability from nvd – Published: 2024-08-06 06:00 – Updated: 2024-08-06 14:52
VLAI
Title
WordPress File Upload < 4.24.8 - Reflected XSS
Summary
The WordPress File Upload WordPress plugin before 4.24.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
Severity
6.1 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/65e2c77d-09bd-4a… | exploitvdb-entrytechnical-description |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | WordPress File Upload |
Affected:
0 , < 4.24.8
(semver)
|
|
| wordpress_file_upload_project | wordpress_file_upload |
Affected:
0 , < 4.24.8
(semver)
cpe:2.3:a:wordpress_file_upload_project:wordpress_file_upload:*:*:*:*:*:*:*:* |
Credits
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:wordpress_file_upload_project:wordpress_file_upload:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "wordpress_file_upload",
"vendor": "wordpress_file_upload_project",
"versions": [
{
"lessThan": "4.24.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2024-6651",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-06T14:06:43.147759Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T14:52:56.919Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "WordPress File Upload",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.24.8",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "\u0110\u1ee9c T\u00e0i"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WordPress File Upload WordPress plugin before 4.24.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin"
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-06T06:00:02.684Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/65e2c77d-09bd-4a44-81d9-d7a5db0e0f84/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress File Upload \u003c 4.24.8 - Reflected XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2024-6651",
"datePublished": "2024-08-06T06:00:02.684Z",
"dateReserved": "2024-07-10T12:38:13.665Z",
"dateUpdated": "2024-08-06T14:52:56.919Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-4811 (GCVE-0-2023-4811)
Vulnerability from nvd – Published: 2023-10-16 19:39 – Updated: 2025-04-23 16:11
VLAI
Title
WordPress File Upload < 4.23.3 - Author+ Stored Cross-Site Scripting
Summary
The WordPress File Upload WordPress plugin before 4.23.3 does not sanitise and escape some of its settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks.
Severity
5.4 (Medium)
SSVC
Exploitation: poc
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/7f9271f2-4de4-4b… | exploitvdb-entrytechnical-description |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | WordPress File Upload |
Affected:
0 , < 4.23.3
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:38:00.704Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/7f9271f2-4de4-4be3-8746-2a3f149eb1d1"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2023-4811",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-23T16:06:35.966694Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-23T16:11:48.850Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "WordPress File Upload",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.23.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "FAIYAZ AHMAD"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WordPress File Upload WordPress plugin before 4.23.3 does not sanitise and escape some of its settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-10-16T19:39:16.639Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/7f9271f2-4de4-4be3-8746-2a3f149eb1d1"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress File Upload \u003c 4.23.3 - Author+ Stored Cross-Site Scripting",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2023-4811",
"datePublished": "2023-10-16T19:39:16.639Z",
"dateReserved": "2023-09-06T17:50:46.748Z",
"dateUpdated": "2025-04-23T16:11:48.850Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24962 (GCVE-0-2021-24962)
Vulnerability from nvd – Published: 2022-03-28 17:21 – Updated: 2024-08-03 19:49
VLAI
Title
WordPress File Upload < 4.16.3 - Contributor+ Path Traversal to RCE
Summary
The WordPress File Upload Free and Pro WordPress plugins before 4.16.3 allow users with a role as low as Contributor to perform path traversal via a shortcode argument, which can then be used to upload a PHP code disguised as an image inside the auto-loaded directory of the plugin, resulting in arbitrary code execution.
Severity
No CVSS data available.
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://plugins.trac.wordpress.org/changeset/2677722 | x_refsource_CONFIRM |
| https://wpscan.com/vulnerability/7a95b3f2-285e-40… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | WordPress File Upload |
Affected:
4.16.3 , < 4.16.3
(custom)
|
|
| Unknown | WordPress File Upload Pro |
Affected:
4.16.3 , < 4.16.3
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:49:14.540Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/7a95b3f2-285e-40e3-aead-41932c207623"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WordPress File Upload",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.16.3",
"status": "affected",
"version": "4.16.3",
"versionType": "custom"
}
]
},
{
"product": "WordPress File Upload Pro",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.16.3",
"status": "affected",
"version": "4.16.3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "apple502j"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WordPress File Upload Free and Pro WordPress plugins before 4.16.3 allow users with a role as low as Contributor to perform path traversal via a shortcode argument, which can then be used to upload a PHP code disguised as an image inside the auto-loaded directory of the plugin, resulting in arbitrary code execution."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-28T17:21:01.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/7a95b3f2-285e-40e3-aead-41932c207623"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress File Upload \u003c 4.16.3 - Contributor+ Path Traversal to RCE",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24962",
"STATE": "PUBLIC",
"TITLE": "WordPress File Upload \u003c 4.16.3 - Contributor+ Path Traversal to RCE"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WordPress File Upload",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.16.3",
"version_value": "4.16.3"
}
]
}
},
{
"product_name": "WordPress File Upload Pro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.16.3",
"version_value": "4.16.3"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "apple502j"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WordPress File Upload Free and Pro WordPress plugins before 4.16.3 allow users with a role as low as Contributor to perform path traversal via a shortcode argument, which can then be used to upload a PHP code disguised as an image inside the auto-loaded directory of the plugin, resulting in arbitrary code execution."
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://plugins.trac.wordpress.org/changeset/2677722",
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
},
{
"name": "https://wpscan.com/vulnerability/7a95b3f2-285e-40e3-aead-41932c207623",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/7a95b3f2-285e-40e3-aead-41932c207623"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24962",
"datePublished": "2022-03-28T17:21:01.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:49:14.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24961 (GCVE-0-2021-24961)
Vulnerability from nvd – Published: 2022-03-07 08:16 – Updated: 2024-08-03 19:49
VLAI
Title
WordPress File Upload < 4.16.3 - Contributor+ Stored Cross-Site Scripting via Shortcode
Summary
The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 does not escape some of its shortcode argument, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks
Severity
No CVSS data available.
CWE
- CWE-79 - Cross-site Scripting (XSS)
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://plugins.trac.wordpress.org/changeset/2677722 | x_refsource_CONFIRM |
| https://wpscan.com/vulnerability/c911bbbd-0196-4e… | x_refsource_MISC |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | WordPress File Upload |
Affected:
4.16.3 , < 4.16.3
(custom)
|
|
| Unknown | wordpress-file-upload-pro |
Affected:
4.16.3 , < 4.16.3
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:49:14.402Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/c911bbbd-0196-4e3d-ada3-4efb8a339954"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WordPress File Upload",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.16.3",
"status": "affected",
"version": "4.16.3",
"versionType": "custom"
}
]
},
{
"product": "wordpress-file-upload-pro",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.16.3",
"status": "affected",
"version": "4.16.3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "apple502j"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 does not escape some of its shortcode argument, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T08:16:12.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/c911bbbd-0196-4e3d-ada3-4efb8a339954"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress File Upload \u003c 4.16.3 - Contributor+ Stored Cross-Site Scripting via Shortcode",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24961",
"STATE": "PUBLIC",
"TITLE": "WordPress File Upload \u003c 4.16.3 - Contributor+ Stored Cross-Site Scripting via Shortcode"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WordPress File Upload",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.16.3",
"version_value": "4.16.3"
}
]
}
},
{
"product_name": "wordpress-file-upload-pro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.16.3",
"version_value": "4.16.3"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "apple502j"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 does not escape some of its shortcode argument, which could allow users with a role as low as Contributor to perform Cross-Site Scripting attacks"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross-site Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://plugins.trac.wordpress.org/changeset/2677722",
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
},
{
"name": "https://wpscan.com/vulnerability/c911bbbd-0196-4e3d-ada3-4efb8a339954",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/c911bbbd-0196-4e3d-ada3-4efb8a339954"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24961",
"datePublished": "2022-03-07T08:16:12.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:49:14.402Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-24960 (GCVE-0-2021-24960)
Vulnerability from nvd – Published: 2022-03-07 08:16 – Updated: 2024-08-03 19:49
VLAI
Title
WordPress File Upload < 4.16.3 - Contributor+ Stored Cross-Site Scripting via Malicious SVG
Summary
The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 allows users with a role as low as Contributor to configure the upload form in a way that allows uploading of SVG files, which could be then be used for Cross-Site Scripting attacks
Severity
No CVSS data available.
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://wpscan.com/vulnerability/18902832-2973-49… | x_refsource_MISC |
| https://plugins.trac.wordpress.org/changeset/2677722 | x_refsource_CONFIRM |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Unknown | WordPress File Upload |
Affected:
4.16.3 , < 4.16.3
(custom)
|
|
| Unknown | wordpress-file-upload-pro |
Affected:
4.16.3 , < 4.16.3
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T19:49:13.982Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/18902832-2973-498d-808e-c75d1aedc11e"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WordPress File Upload",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.16.3",
"status": "affected",
"version": "4.16.3",
"versionType": "custom"
}
]
},
{
"product": "wordpress-file-upload-pro",
"vendor": "Unknown",
"versions": [
{
"lessThan": "4.16.3",
"status": "affected",
"version": "4.16.3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "apple502j"
}
],
"descriptions": [
{
"lang": "en",
"value": "The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 allows users with a role as low as Contributor to configure the upload form in a way that allows uploading of SVG files, which could be then be used for Cross-Site Scripting attacks"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-03-07T08:16:10.000Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://wpscan.com/vulnerability/18902832-2973-498d-808e-c75d1aedc11e"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress File Upload \u003c 4.16.3 - Contributor+ Stored Cross-Site Scripting via Malicious SVG",
"x_generator": "WPScan CVE Generator",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "contact@wpscan.com",
"ID": "CVE-2021-24960",
"STATE": "PUBLIC",
"TITLE": "WordPress File Upload \u003c 4.16.3 - Contributor+ Stored Cross-Site Scripting via Malicious SVG"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WordPress File Upload",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.16.3",
"version_value": "4.16.3"
}
]
}
},
{
"product_name": "wordpress-file-upload-pro",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "4.16.3",
"version_value": "4.16.3"
}
]
}
}
]
},
"vendor_name": "Unknown"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "apple502j"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The WordPress File Upload WordPress plugin before 4.16.3, wordpress-file-upload-pro WordPress plugin before 4.16.3 allows users with a role as low as Contributor to configure the upload form in a way that allows uploading of SVG files, which could be then be used for Cross-Site Scripting attacks"
}
]
},
"generator": "WPScan CVE Generator",
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://wpscan.com/vulnerability/18902832-2973-498d-808e-c75d1aedc11e",
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/18902832-2973-498d-808e-c75d1aedc11e"
},
{
"name": "https://plugins.trac.wordpress.org/changeset/2677722",
"refsource": "CONFIRM",
"url": "https://plugins.trac.wordpress.org/changeset/2677722"
}
]
},
"source": {
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2021-24960",
"datePublished": "2022-03-07T08:16:10.000Z",
"dateReserved": "2021-01-14T00:00:00.000Z",
"dateUpdated": "2024-08-03T19:49:13.982Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}