Skip to main content

Classyfrieds

1 CVEs product

Monthly

CVE-2021-24253 HIGH POC This Week

The Classyfrieds WordPress plugin through 3.8 does not properly check the uploaded file when an authenticated user adds a listing, only checking the content-type in the request. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress PHP File Upload Classyfrieds
NVD GitHub WPScan
CVSS 3.1
8.8
EPSS
1.9%
EPSS 2% CVSS 8.8
HIGH POC This Week

The Classyfrieds WordPress plugin through 3.8 does not properly check the uploaded file when an authenticated user adds a listing, only checking the content-type in the request. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress PHP File Upload +1
NVD GitHub WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy