Vulnerabilities > WP Upload Restriction Project

DATE CVE VULNERABILITY TITLE RISK
2021-07-07 CVE-2021-34625 Cross-site Scripting vulnerability in Wp-Upload-Restriction Project Wp-Upload-Restriction
A vulnerability in the saveCustomType function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to inject arbitrary web scripts.
network
low complexity
wp-upload-restriction-project CWE-79
5.4
2021-07-07 CVE-2021-34626 Unspecified vulnerability in Wp-Upload-Restriction Project Wp-Upload-Restriction
A vulnerability in the deleteCustomType function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to delete custom extensions added by administrators.
network
low complexity
wp-upload-restriction-project
4.3
2021-07-07 CVE-2021-34627 Unspecified vulnerability in Wp-Upload-Restriction Project Wp-Upload-Restriction
A vulnerability in the getSelectedMimeTypesByRole function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to view custom extensions added by administrators.
network
low complexity
wp-upload-restriction-project
4.3