| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-4101 | Images Optimize and Upload CF7 <= 2.1.4 - Unauthenticated Arbitrary File Deletion | Unknown | Images Optimize and Upload CF7 | 超危 | - | 2023-01-16 15:37:50 | Deep Dive |
| CVE-2022-4632 | Auto Upload Images cross site scripting | - | Auto Upload Images | Low | 3.5 | 2022-12-21 00:00:00 | Deep Dive |
| CVE-2022-4633 | Auto Upload Images Settings setting-page.php cross-site request forgery | - | Auto Upload Images | Medium | 4.3 | 2022-12-21 00:00:00 | Deep Dive |
| CVE-2022-3282 | Drag and Drop Multiple File Upload < 1.3.6.5 - File Upload Size Limit Bypass | Unknown | Drag and Drop Multiple File Upload – Contact Form 7 | 中危 | - | 2022-10-17 00:00:00 | Deep Dive |
| CVE-2022-37346 | EC-CUBE 代码问题漏洞 | EC-CUBE CO.,LTD. | Product Image Bulk Upload Plugin | 超危 | - | 2022-09-27 01:55:15 | Deep Dive |
| CVE-2022-34154 | WordPress Enable SVG, WebP & ICO Upload plugin <= 1.0.1 - Authenticated Arbitrary File Upload vulnerability | ideasToCode | Enable SVG, WebP & ICO Upload (WordPress plugin) | High | 7.2 | 2022-08-01 13:55:12 | Deep Dive |
| CVE-2022-36343 | WordPress Enable SVG, WebP & ICO Upload plugin <= 1.0.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability | ideasToCode | Enable SVG, WebP & ICO Upload (WordPress plugin) | Low | 3.4 | 2022-08-01 13:55:01 | Deep Dive |
| CVE-2022-30999 | Possible cross-site scripting attack via unsanitized SVG files in FoF Upload | FriendsOfFlarum | upload | High | 8.7 | 2022-05-25 21:30:14 | Deep Dive |
| CVE-2022-29425 | WordPress Checkout Files Upload for WooCommerce plugin <= 2.1.2 - Cross-Site Scripting (XSS) vulnerability | WP Wham | Checkout Files Upload for WooCommerce (WordPress plugin) | Medium | 6.1 | 2022-05-20 19:58:18 | Deep Dive |
| CVE-2022-0595 | Drag and Drop Multiple File Upload - Contact Form 7 < 1.3.6.3 - Unauthenticated Stored XSS | Unknown | Drag and Drop Multiple File Upload – Contact Form 7 | 中危 | - | 2022-03-28 17:22:57 | Deep Dive |
| CVE-2021-24962 | WordPress File Upload < 4.16.3 - Contributor+ Path Traversal to RCE | Unknown | WordPress File Upload | 高危 | - | 2022-03-28 17:21:01 | Deep Dive |
| CVE-2021-24961 | WordPress File Upload < 4.16.3 - Contributor+ Stored Cross-Site Scripting via Shortcode | Unknown | WordPress File Upload | 中危 | - | 2022-03-07 08:16:12 | Deep Dive |
| CVE-2021-24960 | WordPress File Upload < 4.16.3 - Contributor+ Stored Cross-Site Scripting via Malicious SVG | Unknown | WordPress File Upload | 中危 | - | 2022-03-07 08:16:10 | Deep Dive |
| CVE-2021-24856 | Shared Files < 1.6.61 - Admin+ Stored Cross-Site Scripting | Unknown | Shared Files – Easy Download Manager and File Sharing Plugin with Frontend File Upload | 中危 | - | 2021-11-17 10:16:00 | Deep Dive |
| CVE-2020-7875 | RAONWIZ DEXT5 Upload ActiveX remote file execution vulnerability | RAONWIZ | DEXT5 Upload | High | 7.5 | 2021-10-28 15:28:37 | Deep Dive |
| CVE-2021-24736 | Shared Files < 1.6.57 - Admin+ Stored Cross-Site Scripting | Unknown | Easy Download Manager and File Sharing Plugin with frontend file upload – a better Media Library — Shared Files | 中危 | - | 2021-10-18 13:46:06 | Deep Dive |
| CVE-2020-7832 | RAONWIZ DEXT5 Upload remote code execution vulnerability | RAONWIZ | DEXT5 Upload | High | 8.8 | 2021-09-07 14:47:21 | Deep Dive |
| CVE-2021-23439 | Cross-site Scripting (XSS) | - | file-upload-with-preview | Medium | 4.2 | 2021-09-05 14:10:11 | Deep Dive |
| CVE-2020-7863 | Raonwiz RAON K Upload Arbitrary Command Execution Vulnerability | Raonwiz,inc | RAON K Upload | High | 8.8 | 2021-08-05 20:24:26 | Deep Dive |
| CVE-2021-34625 | WP Upload Restriction <= 2.2.3 - Authenticated Stored Cross-Site Scripting | WP Upload Restriction | WP Upload Restriction | Medium | 6.4 | 2021-07-07 12:21:38 | Deep Dive |