CVE-2012-10019 – WordPress Front End Editor Arbitrary File Upload Vulnerability

July 19, 2025

CVE ID : CVE-2012-10019

Published : July 19, 2025, 10:15 a.m. | 13 hours, 29 minutes ago

Description : The Front End Editor plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the upload.php file in versions before 2.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected sites server which may make remote code execution possible.

Severity: 9.8 | CRITICAL

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2015-10135 – WordPress WPshop File Upload Vulnerability

Next Article CVE-2025-7697 – Google Sheets Integration for WordPress PHP Object Injection Vulnerability

Highlights

CVE-2025-6643 – PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure

June 25, 2025

CVE ID : CVE-2025-6643

Published : June 25, 2025, 10:15 p.m. | 4 hours, 6 minutes ago

Description : PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

The specific flaw exists within the parsing of U3D files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated object. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process. Was ZDI-CAN-26532.

Severity: 3.3 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

In-House vs. Outsource Node.js Development Teams: 9 Key Differences for the C-Suite (2025)

Why Non-Native Content Designers Improve Global UX

DevOps won’t scale without platform engineering and here’s why your teams are still stuck

This week in AI dev tools: Slack’s enterprise search, Claude Code’s analytics dashboard, and more (July 18, 2025)

I ditched my Bluetooth speakers for this slick turntable – and it’s more practical than I thought

This split keyboard offers deep customization – if you’re willing to go all in

I spoke with an AI version of myself, thanks to Hume’s free tool – how to try it

I took a walk with Meta’s new Oakley smart glasses – they beat my Ray-Bans in every way

The details of TC39’s last meeting

The details of TC39’s last meeting

Simple wrapper for Chrome’s built-in local LLM (Gemini Nano)

Online Examination System using PHP and MySQL

Top 7 Computer Performance Test Tools Online (Free & Fast)

Top 7 Computer Performance Test Tools Online (Free & Fast)

10 Best Windows 11 Encryption Software

Google Chrome Is Testing Dynamic Country Detection for Region-Specific Features

CVE-2012-10019 – WordPress Front End Editor Arbitrary File Upload Vulnerability

Critical mcp-remote Vulnerability Enables Remote Code Execution, Impacting 437,000+ Downloads

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

CVE-2025-26997 – Validas Wireless Butler Cross-site Scripting

How Much Does It Cost to Build a Website in Sydney Australia?

CVE-2025-3864 – Hackney HTTP Connection Pool Exhaustion Vulnerability

CVE-2025-42971 – SAPCAR Out-of-Bounds Memory Corruption Vulnerability

CVE-2025-6643 – PDF-XChange Editor U3D File Parsing Out-Of-Bounds Read Information Disclosure

Farmonics Onion Powder – Affordable, Premium-Quality Onion Powder Price Online in India

Design Grow

Schemes – create syntax highlighting schemes

CVE-2012-10019 – WordPress Front End Editor Arbitrary File Upload Vulnerability

Related Posts