Critical severity9.8NVD Advisory· Published May 15, 2026· Updated May 18, 2026
CVE-2021-47965
CVE-2021-47965
Description
WordPress Plugin WP Super Edit 2.5.4 and earlier contains an unrestricted file upload vulnerability in the FCKeditor component that allows attackers to upload dangerous file types without validation. Attackers can upload arbitrary files through the filemanager upload endpoint to achieve remote code execution and complete system compromise.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <=2.5.4
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.