Vulnerabilities > Unrestricted Upload of File with Dangerous Type
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-20 | CVE-2024-10161 | Unrestricted Upload of File with Dangerous Type vulnerability in PHPgurukul Boat Booking System 1.0 A vulnerability, which was classified as critical, was found in PHPGurukul Boat Booking System 1.0. | 8.8 |
| 2024-10-18 | CVE-2024-10120 | Unrestricted Upload of File with Dangerous Type vulnerability in Riskengine Radar A vulnerability has been found in wfh45678 Radar up to 1.0.8 and classified as critical. | 9.8 |
| 2024-10-16 | CVE-2016-15042 | Unrestricted Upload of File with Dangerous Type vulnerability in Najeebmedia Frontend File Manager and Post Front-End Form The Frontend File Manager (versions < 4.0), N-Media Post Front-end Form (versions < 1.1) plugins for WordPress are vulnerable to arbitrary file uploads due to missing file type validation via the `nm_filemanager_upload_file` and `nm_postfront_upload_file` AJAX actions. | 9.8 |
| 2024-10-16 | CVE-2020-36842 | Unrestricted Upload of File with Dangerous Type vulnerability in Wpvivid Migration, Backup, Staging The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the wpvivid_upload_import_files and wpvivid_upload_files AJAX actions that allows low-level authenticated attackers to upload zip files that can be subsequently extracted. | 8.8 |
| 2024-10-16 | CVE-2021-4443 | The WordPress Mega Menu plugin for WordPress is vulnerable to Arbitrary File Creation in versions up to, and including, 2.0.6 via the compiler_save AJAX action. | 9.8 |
| 2024-10-16 | CVE-2021-4449 | Unrestricted Upload of File with Dangerous Type vulnerability in Digitalzoomstudio Zoomsounds The ZoomSounds plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'savepng.php' file in versions up to, and including, 5.96. | 9.8 |
| 2024-10-16 | CVE-2024-8746 | Unrestricted Upload of File with Dangerous Type vulnerability in Filemanagerpro File Manager The File Manager Pro plugin for WordPress is vulnerable to arbitrary backup file downloads and uploads due to missing file type validation via the 'mk_file_folder_manager_shortcode' ajax action in all versions up to, and including, 8.3.9. | 8.8 |
| 2024-10-16 | CVE-2024-8918 | Unrestricted Upload of File with Dangerous Type vulnerability in Filemanagerpro File Manager The File Manager Pro plugin for WordPress is vulnerable to Limited JavaScript File Upload in all versions up to, and including, 8.3.9. | 5.4 |
| 2024-10-15 | CVE-2024-9975 | Unrestricted Upload of File with Dangerous Type vulnerability in Rems Drag and Drop Image Upload 1.0 A vulnerability was found in SourceCodester Drag and Drop Image Upload 1.0. | 8.8 |
| 2024-10-15 | CVE-2024-9985 | Unrestricted Upload of File with Dangerous Type vulnerability in Ragic Enterprise Cloud Database Enterprise Cloud Database from Ragic does not properly validate the file type for uploads. | 9.8 |