WordPress Plugin WP Upload Restriction Multiple Vulnerabilities - CVE-2021-34627 - Vulnerability Database

WordPress Plugin WP Upload Restriction Multiple Vulnerabilities - CVE-2021-34627

High

Reference: CVE-2021-34627

NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-34627

Title: WordPress Plugin WP Upload Restriction Multiple Vulnerabilities

Overview:

WordPress Plugin WP Upload Restriction is prone to multiple vulnerabilities including cross-site scripting and security bypass vulnerabilities. Exploiting these issues may allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site to steal cookie-based authentication credentials or to perform otherwise restricted actions and subsequently delete custom extensions. WordPress Plugin WP Upload Restriction version 2.2.3 is vulnerable prior versions may also be affected.