Webmovementllc

webmovementllc

1 CVE • 1 product

Products (1)

Click to collapse

Toggle

Foxypress

foxypress

1 CVE

CVEs (1)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-10020 1Webmovementllc 1Foxypress Dec 16, 2025 Jul 22, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The FoxyPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadify.php file in versions up to, and including, 0.4.2.1. This makes it possible for unauthenticat...Show more The FoxyPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadify.php file in versions up to, and including, 0.4.2.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2012-10020

1Webmovementllc

1Foxypress

Dec 16, 2025

Jul 22, 2025

N/A· v4

9.8 CRITICAL· v3

N/A· v2

The FoxyPress plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the uploadify.php file in versions up to, and including, 0.4.2.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.Show less