Pricing

WordPress security

Instantly fix and mitigate vulnerabilities

Plugin auditing

Paid auditing for WordPress vendors

Managed VDP

Start a security program for your plugin

Bug Bounty

Join the community and earn bounties

Enterprise API

At scale monitoring and vPatching for hosts

Vulnerability database

The latest WordPress security intelligence
Login
Start FREE
WordPress File Upload Logo

WordPress File Upload

Plugin

Changelog

Claim

VDP

Developer

Nickolas Bossinas

Latest version

4.24.14

Installations

20,000

Last updated

2 weeks ago

Vulnerability history

Not fixed 0 present
Fixed 15 patched

Unauthenticated Path Traversal to Arbitrary File Read and Deletion in wfu_file_downloader.php vulnerability <= 4.24.11

Patch priority: high Fixed

9.8

14 October, 2024

Unauthenticated Stored CrossSite Scripting via SVG File Upload vulnerability <= 4.24.8

Patch priority: low Fixed

7.1

16 August, 2024

Unauthenticated Stored XSS vulnerability < 4.24.8

Patch priority: medium Fixed

7.1

7 August, 2024

Reflected XSS vulnerability < 4.24.8

Patch priority: medium Fixed

7.1

6 August, 2024

Broken Access Control + CSRF vulnerability <= 4.24.7

Badge Patch priority: low Fixed

4.3

1 August, 2024

Website security

Pricing For WordPress For WooCommerce For agencies For hosts API Documentation FAQ Log in

For plugin devs

Managed VDP Log inNEW Active programs Security auditing

For researchers

Bug bounty Log inNEW Guidelines LearnNEW Discord

Resources

Vulnerability Database Whitepaper 2024 WordPress StatisticsNEW Case studiesNEW Articles

Patchstack

About Careers AffiliatesNEW Merch store Media kit

Socials

LinkedIn Facebook X
© 2024 Patchstack DPA Privacy Policy Terms & Conditions

Website security

Pricing For WordPress For WooCommerce For agencies For hosts API Documentation FAQ Log in

For plugin devs

Managed VDP Log inNEW Active programs Security auditing

For researchers

Bug bounty Log inNEW Guidelines LearnNEW Discord

Resources

Vulnerability Database Whitepaper 2024 WordPress StatisticsNEW Case studiesNEW Articles

Patchstack

About Careers AffiliatesNEW Merch store Media kit

Socials

LinkedIn Facebook X
Mobile Menu

Let us know if we have missed a vulnerability reported elsewhere

Mobile Menu Close

Thank you for contributing!

Close Mobile Menu