Skip to main content

Big File Uploads

2 CVEs product

Monthly

CVE-2024-8538 MEDIUM PATCH This Month

The Big File Uploads - Increase Maximum File Upload Size plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

WordPress Information Disclosure File Upload Big File Uploads
NVD GitHub
CVSS 3.1
4.3
EPSS
0.6%
CVE-2023-47792 HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in Infinite Uploads Big File Uploads - Increase Maximum File Upload Size plugin <= 2.1.1 versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload CSRF Big File Uploads
NVD
CVSS 3.1
8.8
EPSS
0.3%
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

The Big File Uploads - Increase Maximum File Upload Size plugin for WordPress is vulnerable to Full Path Disclosure in all versions up to, and including, 2.1.2. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

WordPress Information Disclosure File Upload +1
NVD GitHub
EPSS 0% CVSS 8.8
HIGH This Week

Cross-Site Request Forgery (CSRF) vulnerability in Infinite Uploads Big File Uploads - Increase Maximum File Upload Size plugin <= 2.1.1 versions. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

File Upload CSRF Big File Uploads
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy