Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-27 | CVE-2023-5604 | Unrestricted Upload of File with Dangerous Type vulnerability in Asgaros Forum The Asgaros Forum WordPress plugin before 2.7.1 allows forum administrators, who may not be WordPress (super-)administrators, to set insecure configuration that allows unauthenticated users to upload dangerous files (e.g. | 9.8 |
| 2023-11-24 | CVE-2023-6274 | Unrestricted Upload of File with Dangerous Type vulnerability in Byzoro Smart S80 Firmware 20231108 A vulnerability was found in Byzoro Smart S80 up to 20231108. | 9.8 |
| 2023-11-23 | CVE-2023-41788 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs. | 8.8 |
| 2023-11-23 | CVE-2023-41812 | Unrestricted Upload of File with Dangerous Type vulnerability in Artica Pandora FMS Unrestricted Upload of File with Dangerous Type vulnerability in Pandora FMS on all allows Accessing Functionality Not Properly Constrained by ACLs. | 8.8 |
| 2023-11-22 | CVE-2023-5822 | Unrestricted Upload of File with Dangerous Type vulnerability in Codedropz Drag and Drop multiple File Upload - Contact Form 7 The Drag and Drop Multiple File Upload - Contact Form 7 plugin for WordPress is vulnerable to arbitrary file uploads to insufficient file type validation in the 'dnd_upload_cf7_upload' function in versions up to, and including, 1.3.7.3. | 9.8 |
| 2023-11-18 | CVE-2023-6187 | Unrestricted Upload of File with Dangerous Type vulnerability in Strangerstudios Paid Memberships PRO The Paid Memberships Pro plugin for WordPress is vulnerable to arbitrary file uploads to insufficient file type validation in the 'pmpro_paypalexpress_session_vars_for_user_fields' function in versions up to, and including, 2.12.3. | 8.8 |
| 2023-11-17 | CVE-2023-39548 | Unrestricted Upload of File with Dangerous Type vulnerability in NEC products CLUSTERPRO X Ver5.1 and earlier and EXPRESSCLUSTER X 5.1 and earlier, CLUSTERPRO X SingleServerSafe 5.1 and earlier, EXPRESSCLUSTER X SingleServerSafe 5.1 and earlier allows a attacker to log in to the product may execute an arbitrary command. | 8.8 |
| 2023-11-17 | CVE-2023-48031 | Unrestricted Upload of File with Dangerous Type vulnerability in Opensupports 4.11.0 OpenSupports v4.11.0 is vulnerable to Unrestricted Upload of File with Dangerous Type. | 9.8 |
| 2023-11-15 | CVE-2023-6133 | Unrestricted Upload of File with Dangerous Type vulnerability in Incsub Forminator The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient blacklisting on the 'forminator_allowed_mime_types' function in versions up to, and including, 1.27.0. | 4.9 |
| 2023-11-14 | CVE-2023-48217 | Unrestricted Upload of File with Dangerous Type vulnerability in Statamic Statamic is a flat-first, Laravel + Git powered CMS designed for building websites. | 8.8 |