Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-4827
HistoryOct 16, 2023 - 9:15 a.m.

Cross site request forgery (csrf)

2023-10-1609:15:00
PRIOn knowledge base
www.prio-n.com
4
csrf
file manager pro
wordpress
ajax action
unauthorized access

8.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.6%

JSON

The File Manager Pro WordPress plugin before 1.8 does not properly check the CSRF nonce in the fs_connector AJAX action. This allows attackers to make highly privileged users perform unwanted file system actions via CSRF attacks by using GET requests, such as uploading a web shell.

CPENameOperatorVersion
filesterlt1.8

Related

nvd 1
wpexploit 1
cve 1
wpvulndb 1
cvelist 1
wordfence 1
nvd
nvd
CVE-2023-4827
2023-10-16 09:15:11
wpexploit
wpexploit
File Manager Pro < 1.8 - Remote Code Execution via CSRF
2023-09-11 00:00:00
cve
cve
CVE-2023-4827
2023-10-16 09:15:11
wpvulndb
wpvulndb
File Manager Pro < 1.8 - Remote Code Execution via CSRF
2023-09-11 00:00:00
cvelist
cvelist
CVE-2023-4827 File Manager Pro < 1.8 - Remote Code Execution via CSRF
2023-10-16 08:32:43
wordfence
wordfence
Wordfence Intelligence Weekly WordPress Vulnerability Report (September 11, 2023 to September 17, 2023)
2023-09-21 13:51:31

8.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

37.6%

JSON
Related for PRION:CVE-2023-4827
nvd1wpexploit1cve1wpvulndb1cvelist1wordfence1