Vulnerabilities > Plugin Planet > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-20 | CVE-2023-45603 | Unspecified vulnerability in Plugin-Planet User Submitted Posts Unrestricted Upload of File with Dangerous Type vulnerability in Jeff Starr User Submitted Posts – Enable Users to Submit Posts from the Front End.This issue affects User Submitted Posts – Enable Users to Submit Posts from the Front End: from n/a through 20230902. | 9.8 |
| 2023-06-07 | CVE-2019-25138 | Unrestricted Upload of File with Dangerous Type vulnerability in Plugin-Planet User Submitted Posts The User Submitted Posts plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the usp_check_images function in versions up to, and including, 20190312. | 9.8 |
| 2022-04-04 | CVE-2022-1165 | Unspecified vulnerability in Plugin-Planet Blackhole for BAD Bots The Blackhole for Bad Bots WordPress plugin before 3.3.2 uses headers such as CF-CONNECTING-IP, CLIENT-IP etc to determine the IP address of requests hitting the blackhole URL, which allows them to be spoofed. | 9.1 |