Skip to main content

Recently

1 CVEs product

Monthly

CVE-2021-4382 HIGH Act Now

The Recently plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the fetch_external_image() function in versions up to, and including, 3.0.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.6% and no vendor patch available.

RCE WordPress File Upload Recently
NVD WPScan VulDB
CVSS 3.1
8.8
EPSS
10.6%
EPSS 11% CVSS 8.8
HIGH Act Now

The Recently plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the fetch_external_image() function in versions up to, and including, 3.0.4. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 10.6% and no vendor patch available.

RCE WordPress File Upload +1
NVD WPScan VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy