Skip to main content

Frontend Uploader

2 CVEs product

Monthly

CVE-2021-24563 MEDIUM POC THREAT This Month

The Frontend Uploader WordPress plugin through 1.3.2 does not prevent HTML files from being uploaded via its form, allowing unauthenticated user to upload a malicious HTML file containing JavaScript. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Frontend Uploader
NVD WPScan Exploit-DB
CVSS 3.1
6.1
EPSS
26.4%
CVE-2014-9444 MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the Frontend Uploader plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS WordPress Frontend Uploader
NVD
CVSS 2.0
4.3
EPSS
3.3%
EPSS 26% CVSS 6.1
MEDIUM POC THREAT This Month

The Frontend Uploader WordPress plugin through 1.3.2 does not prevent HTML files from being uploaded via its form, allowing unauthenticated user to upload a malicious HTML file containing JavaScript. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Frontend Uploader
NVD WPScan Exploit-DB
EPSS 3% CVSS 4.3
MEDIUM POC This Month

Cross-site scripting (XSS) vulnerability in the Frontend Uploader plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.

XSS WordPress Frontend Uploader
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy