← Back

File Renaming On Upload

file_renaming_on_upload

Vendor: Wpfactory • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2023-2684
1Wpfactory
1File Renaming On Upload
Dec 11, 2024
Jun 19, 2023
N/A· v4
4.8 MEDIUM· v3
N/A· v2
The File Renaming on Upload WordPress plugin before 2.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when t...Show more
The File Renaming on Upload WordPress plugin before 2.5.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)Show less