Plupload - Plupload CVE

Filtered by vendor Plupload Subscribe

Filtered by product Plupload

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-4566	2 Plupload, Wordpress	2 Plupload, Wordpress	2025-04-12	4.3 MEDIUM	6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in plupload.flash.swf in Plupload before 2.1.9, as used in WordPress before 4.5.2, allows remote attackers to inject arbitrary web script or HTML via a Same-Origin Method Execution (SOME) attack.

Vulnerabilities (CVE)