CWE-434— Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.— MITRE CWE catalog
4,072 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-434page 25 of 82
- CVE-2021-47819CRITICALCVSS 9.8EG 9.82026-01-15
ProjeQtOr Project Management 9.1.4 contains a file upload vulnerability that allows guest users to upload malicious PHP files with arbitrary code execution capabilities. Attackers can upload a PHP script through the profile attachment sect…
- CVE-2021-47888HIGHCVSS 8.8EG 8.82026-01-23
Textpattern versions prior to 4.8.3 contain an authenticated remote code execution vulnerability that allows logged-in users to upload malicious PHP files. Attackers can upload a PHP file with a shell command execution payload and execute …
- CVE-2021-47899MEDIUMCVSS 4.0EG 4.02026-01-23
YetiShare File Hosting Script 5.1.0 contains a server-side request forgery vulnerability that allows attackers to read local system files through the remote file upload feature. Attackers can exploit the url parameter in the url_upload_han…
- CVE-2021-47904HIGHCVSS 8.8EG 8.82026-01-23
PhreeBooks 5.2.3 contains an authenticated file upload vulnerability in the Image Manager that allows remote code execution. Attackers can upload a malicious PHP web shell by exploiting unrestricted file type uploads to gain command execut…
- CVE-2021-47937HIGHCVSS 8.8EG 8.82026-05-10
e107 CMS 2.3.0 contains a remote code execution vulnerability that allows authenticated users with theme installation permissions to execute arbitrary commands by uploading malicious theme files. Attackers can upload a crafted theme packag…
- CVE-2021-47943HIGHCVSS 8.8EG 8.82026-05-10
TextPattern CMS 4.8.7 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by uploading malicious PHP files through the file upload functionality. Attackers can upload a PHP shell…
- CVE-2021-47965CRITICALCVSS 9.8EG 9.82026-05-15
WordPress Plugin WP Super Edit 2.5.4 and earlier contains an unrestricted file upload vulnerability in the FCKeditor component that allows attackers to upload dangerous file types without validation. Attackers can upload arbitrary files th…
- CVE-2022-0242HIGHCVSS 7.2EG 7.22022-01-17
Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0.
- CVE-2022-0263HIGHCVSS 7.8EG 7.82022-01-18
Unrestricted Upload of File with Dangerous Type in Packagist pimcore/pimcore prior to 10.2.7.
- CVE-2022-0316CRITICALCVSS 9.8EG 9.82023-01-23
The WeStand WordPress theme before 2.1, footysquare WordPress theme, aidreform WordPress theme, statfort WordPress theme, club-theme WordPress theme, kingclub-theme WordPress theme, spikes WordPress theme, spikes-black WordPress theme, sou…
- CVE-2022-0403HIGHCVSS 8.1EG 8.12022-04-04
The Library File Manager WordPress plugin before 5.2.3 is using an outdated version of the elFinder library, which is know to be affected by security issues (CVE-2021-32682), and does not have any authorisation as well as CSRF checks in it…
- CVE-2022-0409HIGHCVSS 7.8EG 7.82022-02-19
Unrestricted Upload of File with Dangerous Type in Packagist showdoc/showdoc prior to 2.10.2.
- CVE-2022-0415HIGHCVSS 8.8EG 9.02022-03-21
Remote Command Execution in uploading repository file in GitHub repository gogs/gogs prior to 0.12.6.
- CVE-2022-0440HIGHCVSS 7.2EG 7.22022-03-07
The Catch Themes Demo Import WordPress plugin before 2.1.1 does not validate one of the file to be imported, which could allow high privivilege admin to upload an arbitrary PHP file and gain RCE even in the case of an hardened blog (ie DIS…
- CVE-2022-0472MEDIUMCVSS 5.4EG 5.42022-02-04
Unrestricted Upload of File with Dangerous Type in Packagist jsdecena/laracom prior to v2.0.9.
- CVE-2022-0499HIGHCVSS 8.8EG 8.82022-03-28
The Sermon Browser WordPress plugin through 0.45.22 does not have CSRF checks in place when uploading Sermon files, and does not validate them in any way, allowing attackers to make a logged in admin upload arbitrary files such as PHP ones.
- CVE-2022-0517HIGHCVSS 7.8EG 7.82022-12-22
Mozilla VPN can load an OpenSSL configuration file from an unsecured directory. A user or attacker with limited privileges could leverage this to launch arbitrary code with SYSTEM privilege. This vulnerability affects Mozilla VPN < 2.7.1.
- CVE-2022-0537HIGHCVSS 7.2EG 7.22022-04-04
The MapPress Maps for WordPress plugin before 2.73.13 allows a high privileged user to bypass the DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS settings and upload arbitrary files to the site through the "ajax_save" function. The file is writt…
- CVE-2022-0687HIGHCVSS 8.8EG 8.82022-03-21
The Amelia WordPress plugin before 1.0.47 stores image blobs into actual files whose extension is controlled by the user, which may lead to PHP backdoors being uploaded onto the site. This vulnerability can be exploited by logged-in users …
- CVE-2022-0863HIGHCVSS 7.2EG 7.22022-06-13
The WP SVG Icons WordPress plugin through 3.2.3 does not properly validate uploaded custom icon packs, allowing an high privileged user like an admin to upload a zip file containing malicious php code, leading to remote code execution.
- CVE-2022-0888CRITICALCVSS 9.8EG 9.82022-03-23
The Ninja Forms - File Uploads Extension WordPress plugin is vulnerable to arbitrary file uploads due to insufficient input file type validation found in the ~/includes/ajax/controllers/uploads.php file which can be bypassed making it poss…
- CVE-2022-0912MEDIUMCVSS 4.8EG 4.82022-03-11
Unrestricted Upload of File with Dangerous Type in GitHub repository microweber/microweber prior to 1.2.11.
- CVE-2022-0921MEDIUMCVSS 6.7EG 6.72022-03-11
Abusing Backup/Restore feature to achieve Remote Code Execution in GitHub repository microweber/microweber prior to 1.2.12.
- CVE-2022-0930MEDIUMCVSS 4.8EG 4.82022-03-12
File upload filter bypass leading to stored XSS in GitHub repository microweber/microweber prior to 1.2.12.
- CVE-2022-0945MEDIUMCVSS 5.4EG 5.42022-03-15
Stored XSS viva axd and cshtml file upload in star7th/showdoc in GitHub repository star7th/showdoc prior to v2.10.4.
- CVE-2022-0950MEDIUMCVSS 5.4EG 5.42022-03-15
Unrestricted Upload of File with Dangerous Type in GitHub repository star7th/showdoc prior to 2.10.4.
- CVE-2022-0951MEDIUMCVSS 6.1EG 6.12022-03-15
File Upload Restriction Bypass leading to Stored XSS Vulnerability in GitHub repository star7th/showdoc prior to 2.10.4.
- CVE-2022-0959MEDIUMCVSS 6.5EG 6.52022-03-16
A malicious, but authorised and authenticated user can construct an HTTP request using their existing CSRF token and session cookie to manually upload files to any location that the operating system user account under which pgAdmin is runn…
- CVE-2022-0960MEDIUMCVSS 5.4EG 5.42022-03-14
Stored XSS viva .properties file upload in GitHub repository star7th/showdoc prior to 2.10.4.
- CVE-2022-0962MEDIUMCVSS 5.4EG 5.42022-03-14
Stored XSS viva .webma file upload in GitHub repository star7th/showdoc prior to 2.10.4.
- CVE-2022-1008HIGHCVSS 7.2EG 7.22022-04-11
The One Click Demo Import WordPress plugin before 3.1.0 does not validate the imported file, allowing high privilege users such as admin to upload arbitrary files (such as PHP) even when FILE_MODS and FILE_EDIT are disallowed
- CVE-2022-1033HIGHCVSS 7.8EG 7.82022-03-23
Unrestricted Upload of File with Dangerous Type in GitHub repository crater-invoice/crater prior to 6.0.6.
- CVE-2022-1034HIGHCVSS 7.2EG 7.22022-03-22
There is a Unrestricted Upload of File vulnerability in ShowDoc v2.10.3 in GitHub repository star7th/showdoc prior to 2.10.4.
- CVE-2022-1045MEDIUMCVSS 5.4EG 5.42022-04-11
Stored XSS viva .svg file upload in GitHub repository polonel/trudesk prior to v1.2.0.
- CVE-2022-1103HIGHCVSS 8.8EG 8.82022-05-16
The Advanced Uploader WordPress plugin through 4.2 allows any authenticated users like subscriber to upload arbitrary files, such as PHP, which could lead to RCE
- CVE-2022-1206HIGHCVSS 7.2EG 7.22024-08-20
The AdRotate Banner Manager – The only ad manager you'll need plugin for WordPress is vulnerable to arbitrary file uploads due to missing file extension sanitization in the adrotate_insert_media() function in all versions up to, and incl…
- CVE-2022-1273HIGHCVSS 7.2EG 7.22022-05-02
The Import WP WordPress plugin before 2.4.6 does not validate the imported file in some cases, allowing high privilege users such as admin to upload arbitrary files (such as PHP), leading to RCE
- CVE-2022-1329HIGHCVSS 8.8EG 9.02022-04-19
The Elementor Website Builder plugin for WordPress is vulnerable to unauthorized execution of several AJAX actions due to a missing capability check in the ~/core/app/modules/onboarding/module.php file that make it possible for attackers t…
- CVE-2022-1345CRITICALCVSS 9.0EG 9.02022-04-13
Stored XSS viva .svg file upload in GitHub repository causefx/organizr prior to 2.1.1810. This allows attackers to execute malicious scripts in the user's browser and it can lead to session hijacking, sensitive data exposure, and worse.
- CVE-2022-1409HIGHCVSS 7.2EG 7.22022-05-16
The VikBooking Hotel Booking Engine & PMS WordPress plugin before 1.5.8 does not properly validate images, allowing high privilege users such as administrators to upload PHP files disguised as images and containing malicious PHP code
- CVE-2022-1411MEDIUMCVSS 6.1EG 6.12022-05-05
Unrestructed file upload in GitHub repository yetiforcecompany/yetiforcecrm prior to 6.4.0. Attacker can send malicious files to the victims is able to retrieve the stored data from the web application without that data being made safe to …
- CVE-2022-1519CRITICALCVSS 10.0EG 9.82022-06-24
LRM does not restrict the types of files that can be uploaded to the affected product. A malicious actor can upload any file type, including executable code that allows for a remote code exploit.
- CVE-2022-1538HIGHCVSS 7.2EG 7.22024-01-16
Theme Demo Import WordPress plugin before 1.1.1 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files (such as PHP) even when FILE_MODS and FILE_EDIT are disallowed.
- CVE-2022-1540HIGHCVSS 7.2EG 7.22022-12-05
The PostmagThemes Demo Import WordPress plugin through 1.0.7 does not validate the imported file, allowing high-privilege users such as admin to upload arbitrary files (such as PHP) leading to RCE.
- CVE-2022-1565HIGHCVSS 7.2EG 7.22022-07-18
The plugin WP All Import is vulnerable to arbitrary file uploads due to missing file type validation via the wp_all_import_get_gz.php file in versions up to, and including, 3.6.7. This makes it possible for authenticated attackers, with ad…
- CVE-2022-1574CRITICALCVSS 9.8EG 9.82022-06-27
The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks when importing files, and does not validate them, as a result, unauthenticated attackers can upload arbitrary files (such as PHP) on the remote server
- CVE-2022-1752HIGHCVSS 8.0EG 8.02022-05-21
Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.2.
- CVE-2022-1811MEDIUMCVSS 5.4EG 5.42022-05-23
Unrestricted Upload of File with Dangerous Type in GitHub repository publify/publify prior to 9.2.9.
- CVE-2022-1837MEDIUMCVSS 4.7EG 7.22022-05-24
A vulnerability was found in Home Clean Services Management System 1.0. It has been rated as critical. Affected by this issue is register.php?link=registerand. The manipulation with the input <?php phpinfo();?> leads to code execution. The…
- CVE-2022-1939HIGHCVSS 7.2EG 7.22022-06-20
The Allow svg files WordPress plugin before 1.1 does not properly validate uploaded files, which could allow high privilege users such as admin to upload PHP files even when they are not allowed to
Map vulnerabilities like CWE-434 to your infrastructure
EchelonGraph correlates every CVE — across CWE-434 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →