Vulnerabilities > Najeebmedia > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-20 | CVE-2024-49604 | Missing Authentication for Critical Function vulnerability in Najeebmedia Simple User Registration Authentication Bypass Using an Alternate Path or Channel vulnerability in Najeeb Ahmad Simple User Registration allows Authentication Bypass.This issue affects Simple User Registration: from n/a through 5.5. | 9.8 |
| 2024-10-16 | CVE-2016-15042 | Unrestricted Upload of File with Dangerous Type vulnerability in Najeebmedia Frontend File Manager and Post Front-End Form The Frontend File Manager (versions < 4.0), N-Media Post Front-end Form (versions < 1.1) plugins for WordPress are vulnerable to arbitrary file uploads due to missing file type validation via the `nm_filemanager_upload_file` and `nm_postfront_upload_file` AJAX actions. | 9.8 |
| 2023-06-07 | CVE-2021-4356 | Missing Authorization vulnerability in Najeebmedia Frontend File Manager Plugin The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Download in versions up to, and including, 18.2. | 9.8 |
| 2023-03-06 | CVE-2022-4328 | Unspecified vulnerability in Najeebmedia Woocommerce Checkout Field Manager The WooCommerce Checkout Field Manager WordPress plugin before 18.0 does not validate files to be uploaded, which could allow unauthenticated attackers to upload arbitrary files such as PHP on the server | 9.8 |