Subscriber Arbitrary File Upload in Charity Zone <= 1.1.1 versions.
Subscriber Arbitrary File Upload in Ecommerce Zone <= 0.9.7 versions.
Subscriber Arbitrary File Upload in Restaurt <= 1.0.4 versions.
Subscriber Arbitrary File Upload in Restaurant Zone <= 0.7.8 versions.
Subscriber Arbitrary File Upload in PT Luxa Addons <= 1.2.2 versions.
Subscriber Arbitrary File Upload in Grip <= 1.0.9 versions.
Subscriber Arbitrary File Upload in Webenvo <= 0.0.6 versions.
Subscriber Arbitrary File Upload in Kids Gift Shop <= 0.5.4 versions.
Subscriber Arbitrary File Upload in WishList Member X <= 3.29.0 versions.
Subscriber Arbitrary File Upload in WP-BusinessDirectory <= 4.0.0 versions.
Subscriber Arbitrary File Upload in WpStream < 4.11.2 versions.
Subscriber Arbitrary File Download in Woocommerce Book Price <= 1.3 versions.
Contributor Arbitrary File Upload in Unlimited Elements for Elementor (Premium) <= 2.0.6 versions.
The WP Membership plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the user_profile_image_upload() function in all versions up to, and including, 1.6
Unauthenticated Arbitrary File Upload in GeekyBot <= 1.2.2 versions.
Subscriber Arbitrary File Deletion in WP User Manager <= 2.9.16 versions.
Unauthenticated Arbitrary File Upload in SigmaForms Pro – AI Generated Forms <= 1.4.5 versions.
The File Uploader for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the callback function for the 'add-image-data' REST API endpoint i
The Responsive Thumbnail Slider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type sanitization in the via the image uploader in versions up to 1.0.1. This makes it
Unauthenticated Local File Inclusion in Snow Club <= 1.1 versions.
Page 1+ Next →