WordPress Plugin Vulnerabilities

WP User Frontend <= 2.3.10 - Unrestricted File Upload

Description

The WP User Frontend – Membership, Profile, Registration & Post Submission Plugin for WordPress WordPress plugin was affected by an Unrestricted File Upload security vulnerability.

Affects Plugins

Plugin icon
wp-user-frontend
Fixed in 2.3.11

References

URL
https://www.securityfocus.com/archive/1/537479

Miscellaneous

Submitter
firefart
Submitter website
https://firefart.at/
Submitter twitter
_FireFart_
Verified
No
WPVDB ID
bf156174-367c-4779-99c6-185129ee85e0

Timeline

Publicly Published
2016-02-08 (about 10 years ago)
Added
2016-02-08 (about 10 years ago)
Last Updated
2019-10-31 (about 6 years ago)

Other

Published
Title
Published
2025-12-09
Title
Video Merchant <= 5.0.4 - Cross-Site Request Forgery to Arbitrary File Upload
Published
2021-07-02
Title
Workreap < 2.2.2 - Unauthenticated Upload Leading to Remote Code Execution
Published
2015-04-12
Title
N-Media Website Contact Form with File Upload < 1.4 - Arbitrary File Upload
Published
2024-01-31
Title
Icons Font Loader < 1.1.5 - Authenticated(Administrator+) Arbitrary File Upload
Published
2025-03-07
Title
Product Input Fields for WooCommerce < 1.12.1 - Unauthenticated Limited File Upload