Smartlogix

smartlogix

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Wp Insert

wp-insert

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-25461 1Smartlogix 1Wp Insert Nov 21, 2024 Apr 25, 2023 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in namithjawahar Wp-Insert plugin <= 2.5.0 versions.
CVE-2018-17573 1Smartlogix 1Wp Insert Nov 21, 2024 Sep 28, 2018 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 The Wp-Insert plugin through 2.4.2 for WordPress allows upload of arbitrary PHP code because of the exposure and configuration of FCKeditor under fckeditor/editor/filemanager/browser/default/browser.html, fckeditor/edito...Show more The Wp-Insert plugin through 2.4.2 for WordPress allows upload of arbitrary PHP code because of the exposure and configuration of FCKeditor under fckeditor/editor/filemanager/browser/default/browser.html, fckeditor/editor/filemanager/connectors/test.html, and fckeditor/editor/filemanager/connectors/uploadtest.html.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2023-25461

1Smartlogix

1Wp Insert

Nov 21, 2024

Apr 25, 2023

N/A· v4

4.8 MEDIUM· v3

N/A· v2

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in namithjawahar Wp-Insert plugin <= 2.5.0 versions.

CVE-2018-17573

1Smartlogix

1Wp Insert

Nov 21, 2024

Sep 28, 2018

N/A· v4

9.8 CRITICAL· v3

7.5 HIGH· v2

The Wp-Insert plugin through 2.4.2 for WordPress allows upload of arbitrary PHP code because of the exposure and configuration of FCKeditor under fckeditor/editor/filemanager/browser/default/browser.html, fckeditor/edito...Show more