CVE-2012-10019 in Front-End Editor Plugininformação

Sumário

de MITRE • 19/07/2025

The Front End Editor plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the upload.php file in versions before 2.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Divulgação

19/07/2025

Moderação

aceite

Entrada

VDB-316959

CPE

pronto

CWE

CWE-434 (confirmado)

CVSS

9.8 (CNA)

EPSS

0.79522

KEV

não

Atividades

muito baixo

Sector

Hostingprovider

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2012-10019
NVD	https://nvd.nist.gov/vuln/detail/CVE-2012-10019
CVE Details	https://www.cvedetails.com/cve/CVE-2012-10019/

◂ Voltar Visão Geral Próximo ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!