Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1
CVE-2021-38315
- EPSS 0.21%
- Veröffentlicht 16.08.2021 19:15:15
- Zuletzt bearbeitet 21.11.2024 06:16:46
The SP Project & Document Manager WordPress plugin is vulnerable to attribute-based Reflected Cross-Site Scripting via the from and to parameters in the ~/functions.php file which allows attackers to inject arbitrary web scripts, in versions up to an...
8.8
CVE-2021-24347
- EPSS 82.73%
- Veröffentlicht 14.06.2021 14:15:08
- Zuletzt bearbeitet 21.11.2024 05:52:53
The SP Project & Document Manager WordPress plugin before 4.22 allows users to upload files, however, the plugin attempts to prevent php and other similar files that could be executed on the server from being uploaded by checking the file extension. ...