Aggregates CVE and security vulnerability intelligence across all wp-upload-restriction_project-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk cross-site scripting and related problems; some flaws may lead to vendor impact session compromise, affecting vendor surface production workloads scenarios.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-34627 | A vulnerability in the getSelectedMimeTypesByRole function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to view custom extensions added by administrators. This issue affects versions 2.2.3 and prior. | [email protected] | 4.3 | 0.31% | 2021-07-07 | 2024-11-21 |
| CVE-2021-34626 | A vulnerability in the deleteCustomType function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to delete custom extensions added by administrators. This issue affects versions 2.2.3 and prior. | [email protected] | 4.3 | 0.17% | 2021-07-07 | 2024-11-21 |
| CVE-2021-34625 | A vulnerability in the saveCustomType function of the WP Upload Restriction WordPress plugin allows low-level authenticated users to inject arbitrary web scripts. This issue affects versions 2.2.3 and prior. | [email protected] | 6.4 | 0.31% | 2021-07-07 | 2024-11-21 |