4 matches found
CVE-2023-4862
creationtimestamp| type| source ---|---|--- 2023-10-17 00:38:10+00:00| seen| https://t.me/cibsecurity/72362...
WordPress File Manager Pro Plugin < 1.8.1 is vulnerable to Cross Site Scripting (XSS)
Software File Manager Pro Type Plugin Vulnerable versions 1.8.1 Fixed in 1.8.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4862 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 25299b88b128 Credits Alex Sanford Required...
CVE-2023-4862
The CVE-2023-4862 affects the File Manager Pro WordPress plugin (pre-1.8.1). The underlying issue is inadequate validation/escaping of inputs, enabling admin+ (high-privilege) users to trigger a stored XSS, potentially via crafted inputs in the plugin’s admin functionality. The vulnerability is m...
CVE-2023-4862 File Manager Pro < 1.8.1 - Admin+ Stored Cross-Site Scripting
The File Manager Pro WordPress plugin before 1.8.1 does not adequately validate and escape some inputs, leading to XSS by high-privilege users...