Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
file upload vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2014-8739
Unrestricted file upload vulnerability in server/php/UploadHandler.php in the jQuery File Upload Plugin 6.4.4 for jQuery, as used in the Creative Solutions Creative Contact Form (formerly Sexy Contact Form) prior to 1.0.0 for WordPress and prior to 2.0.1 for Joomla!, allows remot...
Creative-solutions Creative Contact Form
Jquery File Upload Project Jquery File Upload 6.4.4
2 EDB exploits
1 Github repository
5.4
CVSSv3
CVE-2023-4811
The WordPress File Upload WordPress plugin prior to 4.23.3 does not sanitise and escape some of its settings, which could allow high privilege users such as contributors to perform Stored Cross-Site Scripting attacks.
Iptanus Wordpress File Upload
7.5
CVSSv3
CVE-2015-9341
The wp-file-upload plugin prior to 3.4.1 for WordPress has insufficient restrictions on upload of .php.js files.
Iptanus Wordpress File Upload
6.1
CVSSv3
CVE-2018-9844
The Iptanus WordPress File Upload plugin prior to 4.3.4 for WordPress mishandles Settings attributes, leading to XSS.
Iptanus Wordpress File Upload
1 EDB exploit
9.8
CVSSv3
CVE-2020-10564
An issue exists in the File Upload plugin prior to 4.13.0 for WordPress. A directory traversal can lead to remote code execution by uploading a crafted txt file into the lib directory, because of a wfu_include_lib call.
Iptanus Wordpress File Upload
7 Github repositories
7.5
CVSSv3
CVE-2015-9338
The wp-file-upload plugin prior to 2.5.0 for WordPress has insufficient restrictions on upload of .php files.
Iptanus Wordpress File Upload
7.5
CVSSv3
CVE-2015-9339
The wp-file-upload plugin prior to 2.7.1 for WordPress has insufficient restrictions on upload of .js files.
Iptanus Wordpress File Upload
7.5
CVSSv3
CVE-2015-9340
The wp-file-upload plugin prior to 3.0.0 for WordPress has insufficient restrictions on upload of php, js, pht, php3, php4, php5, phtml, htm, html, and htaccess files.
Iptanus Wordpress File Upload
5.4
CVSSv3
CVE-2018-9172
The Iptanus WordPress File Upload plugin prior to 4.3.3 for WordPress mishandles shortcode attributes.
Iptanus Wordpress File Upload
1 EDB exploit
9.8
CVSSv3
CVE-2018-9207
Arbitrary file upload in jQuery Upload File <= 4.0.2
Hayageek Jquery Upload File
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
injection
CVE-2024-30983
CVE-2023-4235
CVE-2024-21338
privilege
encryption
CVE-2023-4232
CVE-2024-31497
CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »