CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9341 – WordPress File Upload <= 3.4.0 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2015-9341
The wp-file-upload plugin before 3.4.1 for WordPress has insufficient restrictions on upload of .php.js files. El plugin wp-file-upload anterior a la versión 3.4.1 para WordPress tiene restricciones insuficientes en la carga de archivos .php.js. • https://wordpress.org/plugins/wp-file-upload/#developers • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9340 – WordPress File Upload < 3.0.0 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2015-9340
The wp-file-upload plugin before 3.0.0 for WordPress has insufficient restrictions on upload of php, js, pht, php3, php4, php5, phtml, htm, html, and htaccess files. El plugin wp-file-upload anterior de la versión 3.0.0 para WordPress tiene restricciones insuficientes en la carga de archivos php, js, pht, php3, php4, php5, phtml, htm, html y htacces • https://wordpress.org/plugins/wp-file-upload/#developers • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 8.2EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9339 – WordPress File Upload < 2.7.1 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2015-9339
The wp-file-upload plugin before 2.7.1 for WordPress has insufficient restrictions on upload of .js files. El plugin wp-file-upload anterior a la versión 2.7.1 para WordPress tiene restricciones insuficientes en la carga de archivos .js. • https://wordpress.org/plugins/wp-file-upload/#developers • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2015-9338 – WordPress File Upload <= 2.4.6 - Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2015-9338
The wp-file-upload plugin before 2.5.0 for WordPress has insufficient restrictions on upload of .php files. El plugin wp-file-upload anterior a la versión 2.5.0 para WordPress tiene restricciones insuficientes en la carga de archivos .php. • https://wordpress.org/plugins/wp-file-upload/#developers • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 0CVE-2014-5199 – WordPress File Upload < 2.4.2 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2014-5199
Cross-site request forgery (CSRF) vulnerability in the WordPress File Upload plugin (wp-file-upload) before 2.4.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. NOTE: some of these details are obtained from third party information. Vulnerabilidad de CSRF en el plugin WordPress File Upload (wp-file-upload) anterior a 2.4.2 para WordPress permite a atacantes remotos secuestrar la autenticación de administradores para solicitudes que cambian las configuraciones de plugins a través de vectores no especificados. NOTA: algunos de estos detalles se obtienen de información de terceras partes. Cross-site request forgery (CSRF) vulnerability in the WordPress File Upload plugin (wp-file-upload) before 2.4.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors. • http://secunia.com/advisories/60520 http://wordpress.org/plugins/wp-file-upload/changelog • CWE-352: Cross-Site Request Forgery (CSRF) •