Known Vulnerabilities for products from Iptanus

Listed below are 18 of the newest known vulnerabilities associated with the vendor "Iptanus".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2024-11635 json The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 4... Not Provided 2025-01-08 2026-04-08
CVE-2024-11613 json The WordPress File Upload plugin for WordPress is vulnerable to Remote Code Execution, Arbitrary File Read, and Arbitrary Fil... Not Provided 2025-01-08 2026-04-08
CVE-2024-9939 json The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 4.24.13 ... Not Provided 2025-01-08 2026-04-08
CVE-2024-5852 json The WordPress File Upload plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 4.2... Not Provided 2024-07-16 2026-04-08
CVE-2024-2847 json The WordPress File Upload plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in ... Not Provided 2024-04-09 2026-04-08
CVE-2023-4811 json The WordPress File Upload WordPress plugin before 4.23.3 does not sanitise and escape some of its settings, which could allow... 5.4 - MEDIUM 2023-10-16 2023-11-07
CVE-2023-2767 json The WordPress File Upload and WordPress File Upload Pro plugins for WordPress are vulnerable to Stored Cross-Site Scripting v... Not Provided 2023-06-09 2026-04-08
CVE-2023-2688 json The WordPress File Upload and WordPress File Upload Pro plugins for WordPress are vulnerable to Path Traversal in versions up... Not Provided 2023-06-09 2026-04-08
CVE-2021-24962 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 8.8 - HIGH 2022-03-28 2022-04-04
CVE-2021-24961 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 5.4 - MEDIUM 2022-03-07 2022-03-11
CVE-2021-24960 json ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... 5.4 - MEDIUM 2022-03-07 2022-03-11
CVE-2020-10564 json An issue was discovered in the File Upload plugin before 4.13.0 for WordPress. A directory traversal can lead to remote code ... 9.8 - CRITICAL 2020-03-13 2020-03-19
CVE-2018-9844 json The Iptanus WordPress File Upload plugin before 4.3.4 for WordPress mishandles Settings attributes, leading to XSS. 6.1 - MEDIUM 2018-04-07 2018-05-11
CVE-2018-9172 json The Iptanus WordPress File Upload plugin before 4.3.3 for WordPress mishandles shortcode attributes. 5.4 - MEDIUM 2018-04-01 2018-05-10
CVE-2015-9341 json The wp-file-upload plugin before 3.4.1 for WordPress has insufficient restrictions on upload of .php.js files. 7.5 - HIGH 2019-08-22 2019-08-29
CVE-2015-9340 json The wp-file-upload plugin before 3.0.0 for WordPress has insufficient restrictions on upload of php, js, pht, php3, php4, php... 7.5 - HIGH 2019-08-22 2019-08-29
CVE-2015-9339 json The wp-file-upload plugin before 2.7.1 for WordPress has insufficient restrictions on upload of .js files. 7.5 - HIGH 2019-08-22 2019-08-29
CVE-2015-9338 json The wp-file-upload plugin before 2.5.0 for WordPress has insufficient restrictions on upload of .php files. 7.5 - HIGH 2019-08-22 2019-08-29

Known software with vulnerabilities from Iptanus

Type Vendor Product Version
ApplicationIptanusWordpress File Upload1.0