Skip to main content

Wp Upload Restriction

3 CVEs product

Monthly

CVE-2021-34627 MEDIUM This Month

A vulnerability in the getSelectedMimeTypesByRole function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to view custom extensions added by administrators.2.3 and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass Wp Upload Restriction
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-34626 MEDIUM POC This Month

A vulnerability in the deleteCustomType function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to delete custom extensions added by administrators.2.3 and prior. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Wp Upload Restriction
NVD
CVSS 3.1
4.3
EPSS
0.7%
CVE-2021-34625 MEDIUM POC This Month

A vulnerability in the saveCustomType function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to inject arbitrary web scripts.2.3 and prior. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Wp Upload Restriction
NVD
CVSS 3.1
5.4
EPSS
0.6%
EPSS 1% CVSS 4.3
MEDIUM This Month

A vulnerability in the getSelectedMimeTypesByRole function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to view custom extensions added by administrators.2.3 and. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass Wp Upload Restriction
NVD
EPSS 1% CVSS 4.3
MEDIUM POC This Month

A vulnerability in the deleteCustomType function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to delete custom extensions added by administrators.2.3 and prior. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress Authentication Bypass Wp Upload Restriction
NVD
EPSS 1% CVSS 5.4
MEDIUM POC This Month

A vulnerability in the saveCustomType function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to inject arbitrary web scripts.2.3 and prior. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Wp Upload Restriction
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy