CVE-2026-1756 | WP FOFT Loader Plugin up to 2.1.39 on WordPress file_and_ext unrestricted upload

Inserito da Angelo Barbosa | Feb 3, 2026 | CVE

A vulnerability identified as critical has been detected in WP FOFT Loader Plugin up to 2.1.39 on WordPress. Affected by this vulnerability is the function WP_FOFT_Loader_Mimes::file_and_ext. Performing a manipulation results in unrestricted upload.

This vulnerability is reported as CVE-2026-1756. The attack is possible to be carried out remotely. No exploit exists.

CVE-2026-1756 | WP FOFT Loader Plugin up to 2.1.39 on WordPress file_and_ext unrestricted upload

Post correlati

CVE-2026-1424 | PHPGurukul News Portal 1.0 Profile Pic unrestricted upload

CVE-2025-3750 | Network Posts Extended Plugin up to 7.7.1 on WordPress post_height cross site scripting

CVE-2025-40640 | Status Tracker Energy CRM 2025 Query create_invoice_submit.php customerName_0 cross site scripting

CVE-2024-20111 | MediaTek MT8195 Ccu out-of-bounds write (MSV-1754 / ALPS09065033)