CVE-2021-24563 - Frontend Uploader Project Frontend Uploader

Moderate 6.1

The Frontend Uploader WordPress plugin through 1.3.2 does not prevent HTML files from being uploaded via its form, allowing unauthenticated user to upload a malicious HTML file containing JavaScript for example, which will be triggered when someone access the file directly

Affected software

Frontend Uploader Project Frontend Uploader

Reference links

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.