← Back

Swfupload

swfupload

Vendor: Swfupload Project • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2013-4144
1Swfupload Project
1Swfupload
Nov 21, 2024
Jun 30, 2022
N/A· v4
9.8 CRITICAL· v3
7.5 HIGH· v2
There is an object injection vulnerability in swfupload plugin for wordpress.
CVE-2012-3414
3Swfupload Project
TinymceWordpress
3Image Manager
SwfuploadWordpress
Apr 29, 2026
Jul 19, 2013
N/A· v4
N/A· v3
4.3 MEDIUM· v2
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary we...Show more
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the "ExternalInterface.call" function.Show less