Filtered by vendor Metabox
Subscribe
Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2019-14793 | 1 Metabox | 1 Meta Box | 2020-08-24 | 5.5 MEDIUM | 6.5 MEDIUM |
The Meta Box plugin before 4.16.3 for WordPress allows file deletion via ajax, with the wp-admin/admin-ajax.php?action=rwmb_delete_file attachment_id parameter. | |||||
CVE-2019-14794 | 1 Metabox | 1 Meta Box | 2019-08-14 | 5.0 MEDIUM | 7.5 HIGH |
The Meta Box plugin before 4.16.2 for WordPress mishandles the uploading of files to custom folders. |