Frontend Uploader Project Frontend Uploader — known CVE vulnerabilities
Every CVE whose affected-product data names Frontend Uploader Project Frontend Uploader, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2021-24563 — CVSS 6.1 (medium): The Frontend Uploader WordPress plugin through 1.3.2 does not prevent HTML files from being uploaded via its form, allowing unauthenticated…
CVE-2014-9444 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the Frontend Uploader plugin 0.9.2 for WordPress allows remote attackers to inject arbitrary…