CVE-2023-25781 – WordPress Upload File Type Settings Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2023-25781
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Sebastian Krysmanski Upload File Type Settings plugin <= 1.1 versions. The Upload File Type Settings Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrative-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
References: https://patchstack.com/database/vulnerability/upload-file-type-settings-plugin/wordpress-upload-file-type-settings-plugin-plugin-1-1-cross-site-scripting-xss?_s_id=cve
Weakness: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2023-23656 – WordPress MainWP File Uploader Extension Plugin <= 4.1 - Unauthenticated Arbitrary File Upload Vulnerability
https://notcve.org/view.php?id=CVE-2023-23656
Unrestricted Upload of File with Dangerous Type vulnerability in MainWP MainWP File Uploader Extension. This issue affects MainWP File Uploader Extension: from n/a through 4.1. The MainWP File Uploader Extension for WordPress is vulnerable to arbitrary file uploads in versions up to, and including, 4.1. This makes it possible for unauthenticated attackers to upload arbitrary files to the affected site's server, which may make remote code execution possible.
References: https://patchstack.com/database/vulnerability/mainwp-file-uploader-extension/wordpress-mainwp-file-uploader-extension-plugin-4-1-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve
Weakness: CWE-434: Unrestricted Upload of File with Dangerous Type
CVE-2023-23653 – MainWP File Uploader Extension <= 4.1 - Authenticated (Subscriber+) Arbitrary File Deletion
https://notcve.org/view.php?id=CVE-2023-23653
The MainWP File Uploader Extension for WordPress is vulnerable to arbitrary file download. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete arbitrary files from the affected site.
Weakness: CWE-862: Missing Authorization
CVE-2022-4764 – Simple File Downloader <= 1.0.4 - Contributor+ Stored XSS via Shortcode
https://notcve.org/view.php?id=CVE-2022-4764
The Simple File Downloader WordPress plugin through 1.0.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. The Simple File Downloader plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
References: https://wpscan.com/vulnerability/788c6aa2-14cc-411f-95e8-5994f8c82d70
Weakness: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2022-45476
https://notcve.org/view.php?id=CVE-2022-45476
Tiny File Manager version 2.4.8 executes the code of files uploaded by users of the application, instead of just returning them for download. This is possible because the application is vulnerable to insecure file upload.
References: https://fluidattacks.com/advisories/mosey
https://github.com/prasathmani/tinyfilemanager
Weakness: CWE-434: Unrestricted Upload of File with Dangerous Type