Swfupload ProjectCVEs & Vulnerabilities
2 CVEs affecting Swfupload Project products, tracked from the National Vulnerability Database, with CVSS/EPSS scores and exploitation status.
2 CVEs→ All vendors
Most Affected Products
swfupload 6
CVE-2013-4144CRITICAL
There is an object injection vulnerability in swfupload plugin for wordpress.
30 Jun 2022
9.8
CVSS
CVE-2012-3414MEDIUMpoc
Cross-site scripting (XSS) vulnerability in swfupload.swf in SWFUpload 2.2.0.1 and earlier, as used in WordPress before 3.3.2, TinyMCE Image Manager 1.1, and other products, allows remote attackers to inject arbitrary web script or HTML via the movieName parameter, related to the "ExternalInterface.call" function.
19 Jul 2013
4.3
CVSS
← PrevPage 1 / 1Next →