216.73.217.64

CVE-2021-47965

· Published 15/05/2026 19:16 · Modified 15/05/2026 19:16

Labels: CVE-2021-47965 2026-05-15CVE-2021-47965CWE-434[email protected]

Essential information

Published
15/05/2026 19:16
Modified
15/05/2026 19:16
Author
Creator
CVSS
9.3 CRITICAL (v3) 9.3 CRITICAL (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

WordPress Plugin WP Super Edit 2.5.4 and earlier contains an unrestricted file upload vulnerability in the FCKeditor component that allows attackers to upload dangerous file types without validation. Attackers can upload arbitrary files through the filemanager upload endpoint to achieve remote code execution and complete system compromise.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
wordpress / wp super edit cpe:2.3:a:wordpress:wp_super_edit:*:*:*:*:*:*:*:*

References