Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3
CVE-2025-14045
- EPSS 0.04%
- Veröffentlicht 12.12.2025 03:20:44
- Zuletzt bearbeitet 15.04.2026 00:35:42
The URL Media Uploader plugin for WordPress is vulnerable to unauthorized safe file uploads due to a missing capability check on the url_media_uploader_url_upload_ajax_handler() function in all versions up to, and including, 1.0.1. This makes it poss...
6.4
CVE-2025-1662
- EPSS 0.14%
- Veröffentlicht 28.02.2025 09:15:12
- Zuletzt bearbeitet 08.04.2026 19:23:50
The URL Media Uploader plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0.0 via the 'url_media_uploader_url_upload' action. This makes it possible for authenticated attackers, with author-level...
1