← Back

Front End Editor

front-end_editor

Vendor: Scribu • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2012-10019
1Scribu
1Front End Editor
Dec 19, 2025
Jul 19, 2025
N/A· v4
9.8 CRITICAL· v3
N/A· v2
The Front End Editor plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the upload.php file in versions before 2.3. This makes it possible for unauthenticated attackers t...Show more
The Front End Editor plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the upload.php file in versions before 2.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.Show less