cleantalk
Vulnerabilities and Security Researches

WP Super Edit, CVE-2021-47965

CVE, Research URL

CVE-2021-47965

Home page URL

Security reports for WP Super Edit

Application

WP Super Edit

Published on
May 16, 2026
Research Description
WordPress Plugin WP Super Edit 2.5.4 and earlier contains an unrestricted file upload vulnerability in the FCKeditor component that allows attackers to upload dangerous file types without validation. Attackers can upload arbitrary files through the filemanager upload endpoint to achieve remote code execution and complete system compromise.
Affected versions
max 2.5.4.
Status
vulnerable
Previous vulnerability researches
Notify Odoo (CVE-2026-8425) , May 17, 2026
Notify Odoo (CVE-2024-56299) , Jan 07, 2025
New vulnerability
WP Super Edit (CVE-2021-47965) , May 17, 2026
Notify Odoo (CVE-2026-8425) , May 17, 2026
WPGraphQL (CVE-2021-47959) , May 16, 2026
Smartcat Integration for WPML (CVE-2026-4683) , May 16, 2026
JoomSport – for Sports: Team & League, Football, Hockey & more (CVE-2026-6929) , May 16, 2026