7 matches found
WordPress ERI File Library plugin unauthorized data access vulnerability
The WordPress ERI File Library plugin is a lightweight plugin designed for WordPress to create and publish document galleries, with support for inserting documents via the Gutenberg editor or shortcode. WordPress ERI File Library plugin suffers from an unauthorized data access vulnerability that...
CVE-2025-12041
The ERI File Library plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eriflfile' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to download files restricted to specific user...
CVE-2025-12041
The ERI File Library plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eriflfile' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to download files restricted to specific user...
CVE-2025-12041 ERI File Library <= 1.1.0 - Missing Authorization to Unauthenticated Protected File Download
The ERI File Library plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eriflfile' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to download files restricted to specific user...
EUVD-2025-37323
The ERI File Library plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'eriflfile' AJAX action in all versions up to, and including, 1.1.0. This makes it possible for unauthenticated attackers to download files restricted to specific user...
WordPress ERI File Library plugin <= 1.1.0 - Missing Authorization to Unauthenticated Protected File Download vulnerability
Missing Authorization to Unauthenticated Protected File Download vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin ERI File Library versions = 1.1.0...
PT-2025-44597
Name of the Vulnerable Software and Affected Versions ERI File Library plugin for WordPress versions up to and including 1.1.0 Description The ERI File Library plugin for WordPress has a flaw that allows unauthorized access to data. This is due to a missing capability check on the erifl file AJAX...