Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CWE-434 (危险类型文件的不加限制上传) — Vulnerability Class 2018

2018 vulnerabilities classified as CWE-434 (危险类型文件的不加限制上传). AI Chinese analysis included.

CVE IDTitleCVSSSeverityPublished
CVE-2023-51421 WordPress Verge3D Plugin <= 4.5.2 is vulnerable to Arbitrary File Upload — Verge3D Publishing and E-Commerce 9.9 Critical2023-12-29
CVE-2023-51468 WordPress Rencontre – Dating Site Plugin <= 3.10.1 is vulnerable to Arbitrary File Upload — Rencontre – Dating Site 10.0 Critical2023-12-29
CVE-2023-51473 WordPress TerraClassifieds Plugin <= 2.0.3 is vulnerable to Arbitrary File Upload — TerraClassifieds – Simple Classifieds Plugin 10.0 Critical2023-12-29
CVE-2023-51475 WordPress WP MLM Unilevel Plugin <= 4.0 is vulnerable to Arbitrary File Upload — WP MLM SOFTWARE PLUGIN 10.0 Critical2023-12-29
CVE-2023-7159 gopeak MasterLab User.php update unrestricted upload — MasterLab 4.7 Medium2023-12-29
CVE-2023-7150 Campcodes Chic Beauty Salon Product product-list.php unrestricted upload — Chic Beauty Salon 4.7 Medium2023-12-29
CVE-2023-7147 gopeak MasterLab User.php base64ImageContent unrestricted upload — MasterLab 6.3 Medium2023-12-29
CVE-2023-7091 Dreamer CMS uploadFile unrestricted upload — CMS 6.3 Medium2023-12-24
CVE-2023-42017 IBM Planning Analytics file upload — Planning Analytics 8.0 High2023-12-22
CVE-2023-7054 PHPGurukul Online Notes Sharing System add-notes.php unrestricted upload — Online Notes Sharing System 5.5 Medium2023-12-22
CVE-2023-7036 automad Content Type FileCollectionController.php upload unrestricted upload — automad 4.7 Medium2023-12-21
CVE-2022-45377 WordPress Drag and Drop Multiple File Upload for WooCommerce Plugin <= 1.0.8 is vulnerable to Multiple Vulnerabilities — Drag and Drop Multiple File Upload for WooCommerce 6.5 Medium2023-12-21
CVE-2023-7026 Lightxun IPTV Gateway web_upload_template.html unrestricted upload — IPTV Gateway 4.3 Medium2023-12-21
CVE-2023-23970 WordPress Corsa Theme <= 1.5 is vulnerable to Arbitrary File Upload — Corsa 9.9 Critical2023-12-20
CVE-2023-25970 WordPress Zendrop – Global Dropshipping Plugin <= 1.0.0 is vulnerable to Arbitrary File Upload — Zendrop – Global Dropshipping 10.0 Critical2023-12-20
CVE-2023-28170 WordPress Theme Demo Import Plugin <= 1.1.1 is vulnerable to Arbitrary File Upload — Theme Demo Import 9.1 Critical2023-12-20
CVE-2023-29102 WordPress Olive One Click Demo Import Plugin <= 1.1.1 is vulnerable to Arbitrary File Upload — Olive One Click Demo Import 9.1 Critical2023-12-20
CVE-2023-29384 WordPress WordPress Job Board and Recruitment Plugin – JobWP Plugin <= 2.0 is vulnerable to Arbitrary File Upload — WordPress Job Board and Recruitment Plugin – JobWP 10.0 Critical2023-12-20
CVE-2023-31215 WordPress Dropshipping & Affiliation with Amazon Plugin <= 2.1.2 is vulnerable to Arbitrary File Upload — Dropshipping & Affiliation with Amazon 9.9 Critical2023-12-20
CVE-2023-31231 WordPress Unlimited Elements For Elementor (Free Widgets, Addons, Templates) Plugin <= 1.5.65 is vulnerable to Arbitrary File Upload — Unlimited Elements For Elementor (Free Widgets, Addons, Templates) 9.9 Critical2023-12-20
CVE-2023-33318 WordPress WooCommerce Follow-Up Emails Plugin <= 4.9.40 is vulnerable to Arbitrary File Upload — AutomateWoo 9.9 Critical2023-12-20
CVE-2023-34007 WordPress Download Monitor Plugin <= 4.8.3 is vulnerable to Arbitrary File Upload — Download Monitor 9.9 Critical2023-12-20
CVE-2023-34385 WordPress Export Import Menus Plugin <= 1.8.0 is vulnerable to Arbitrary File Upload — Export Import Menus 9.9 Critical2023-12-20
CVE-2023-40204 WordPress Folders Plugin <= 2.9.2 is vulnerable to Arbitrary File Upload — Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager 9.1 Critical2023-12-20
CVE-2023-45603 WordPress User Submitted Posts Plugin <= 20230902 is vulnerable to Arbitrary File Upload — User Submitted Posts – Enable Users to Submit Posts from the Front End 9.0 Critical2023-12-20
CVE-2023-46149 WordPress Themify Ultra Theme <= 7.3.5 is vulnerable to Arbitrary File Upload — Themify Ultra 9.9 Critical2023-12-20
CVE-2023-47784 WordPress Slider Revolution Plugin <= 6.6.15 is vulnerable to Arbitrary File Upload — Slider Revolution 8.4 High2023-12-20
CVE-2023-49814 WordPress Symbiostock Lite Plugin <= 6.0.0 is vulnerable to Arbitrary File Upload — Symbiostock 9.1 Critical2023-12-20
CVE-2023-6976 Unrestricted Upload of File with Dangerous Type — mlflow/mlflow 9.1 -2023-12-20
CVE-2023-47706 IBM Security Guardium Key Lifecycle Manager file upload — Security Guardium Key Lifecycle Manager 6.6 Medium2023-12-20

Vulnerabilities classified as CWE-434 (危险类型文件的不加限制上传) represent 2018 CVEs. The CWE taxonomy describes the weakness; review individual CVEs for product-specific impact.