CVE-2024-11635 – WordPress File Upload <= 4.24.12 - Unauthenticated Remote Code Execution
https://notcve.org/view.php?id=CVE-2024-11635
07 Jan 2025 — The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4.24.12 via the 'wfu_ABSPATH' cookie parameter. This makes it possible for unauthenticated attackers to execute code on the server. • https://plugins.svn.wordpress.org/wp-file-upload/trunk/wfu_file_downloader.php • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-9939 – WordPress File Upload <= 4.24.13 - Unauthenticated Path Traversal to Arbitrary File Read in wfu_file_downloader.php
https://notcve.org/view.php?id=CVE-2024-9939
07 Jan 2025 — The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.13 via wfu_file_downloader.php. This makes it possible for unauthenticated attackers to read files outside of the originally intended directory. • https://plugins.trac.wordpress.org/changeset/3188857/wp-file-upload • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2024-11613 – WordPress File Upload <= 4.24.15 - Unauthenticated Remote Code Execution, Arbitrary File Read, and Arbitrary File Deletion
https://notcve.org/view.php?id=CVE-2024-11613
07 Jan 2025 — The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution, Arbitrary File Read, and Arbitrary File Deletion in all versions up to, and including, 4.24.15 via the 'wfu_file_downloader.php' file. This is due to lack of proper sanitization of the 'source' parameter and allowing a user-defined directory path. This makes it possible for unauthenticated attackers to execute code on the server. • https://github.com/Sachinart/CVE-2024-11613-wp-file-upload • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2024-12719 – WordPress File Upload <= 4.24.15 - Missing Authorization to Authenticated (Subscriber+) Limited Path Traversal
https://notcve.org/view.php?id=CVE-2024-12719
06 Jan 2025 — The WordPress File Upload plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'wfu_ajax_action_read_subfolders' function in all versions up to, and including, 4.24.15. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform limited path traversal to view directories and subdirectories in WordPress. Files cannot be viewed. • https://plugins.trac.wordpress.org/browser/wp-file-upload/trunk/lib/wfu_ajaxactions.php#L849 • CWE-862: Missing Authorization •
CVE-2024-9047 – WordPress File Upload <= 4.24.11 - Unauthenticated Path Traversal to Arbitrary File Read and Deletion in wfu_file_downloader.php
https://notcve.org/view.php?id=CVE-2024-9047
11 Oct 2024 — The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.11 via wfu_file_downloader.php. This makes it possible for unauthenticated attackers to read or delete files outside of the originally intended directory. Successful exploitation requires the targeted WordPress installation to be using PHP 7.4 or earlier. WordPress File Upload plugin versions 4.24.11 and below suffer from a path traversal and arbitrary file download vulnerability in wf... • https://packetstorm.news/files/id/183439 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2024-7301 – WordPress File Upload <= 4.24.8 - Unauthenticated Stored Cross-Site Scripting via SVG File Upload
https://notcve.org/view.php?id=CVE-2024-7301
15 Aug 2024 — The WordPress File Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.24.8 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. • https://plugins.trac.wordpress.org/browser/wp-file-upload/tags/4.24.8/lib/wfu_io.php#L176 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-6651 – WordPress File Upload < 4.24.8 - Reflected XSS
https://notcve.org/view.php?id=CVE-2024-6651
16 Jul 2024 — The WordPress File Upload WordPress plugin before 4.24.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. • https://wpscan.com/vulnerability/65e2c77d-09bd-4a44-81d9-d7a5db0e0f84 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-6494 – WordPress File Upload < 4.24.8 - Unauthenticated Stored XSS
https://notcve.org/view.php?id=CVE-2024-6494
16 Jul 2024 — The WordPress File Upload WordPress plugin before 4.24.8 does not properly sanitize and escape certain parameters, which could allow unauthenticated users to execute stored cross-site scripting (XSS) attacks. The WordPress File Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom text fields in all versions up to, and including, 4.24.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web script... • https://wpscan.com/vulnerability/5b21a9be-b5fe-47ef-91c7-018dd42f763f • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-5852 – WordPress File Upload <= 4.24.7 - Authenticated (Contributor+) Directory Traversal
https://notcve.org/view.php?id=CVE-2024-5852
15 Jul 2024 — The WordPress File Upload plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.24.7 via the 'uploadpath' parameter of the wordpress_file_upload shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to upload limited files to arbitrary locations on the web server. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=3118456%40wp-file-upload&new=3118456%40wp-file-upload&sfp_email=&sfph_mail= • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2024-2847 – WordPress File Upload <= 4.24.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
https://notcve.org/view.php?id=CVE-2024-2847
29 Mar 2024 — The WordPress File Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 4.24.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3060091%40wp-file-upload%2Ftrunk&old=3045068%40wp-file-upload%2Ftrunk&sfp_email=&sfph_mail= • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •