CVE List

CVE-2021-24563

Moderate 6.1

The Frontend Uploader WordPress plugin through 1.3.2 does not prevent HTML files from being uploaded via its form, allowing unauthenticated user to upload a malicious HTML file containing JavaScript for example, which will be triggered when someone access the file directly

Published October 11, 2021.

Affected software

Get alerts for Frontend Uploader Project Frontend Uploader

Reference links