CVE-2021-47965

WordPress Plugin WP Super Edit 2.5.4 and earlier contains an unrestricted file upload vulnerability in the FCKeditor component that allows attackers to upload dangerous file types without validation. Attackers can upload arbitrary files through the filemanager upload endpoint to achieve remote code execution and complete system compromise.
Configurations

No configuration.

History

15 May 2026, 19:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-05-15 19:16

Updated : 2026-06-17 04:18


NVD link : CVE-2021-47965

Mitre link : CVE-2021-47965

CVE.ORG link : CVE-2021-47965


JSON object : View

Products Affected

No product.

CWE
CWE-434

Unrestricted Upload of File with Dangerous Type