CVE-2025-26977 WordPress FileBird plugin <= 6.4.2.1 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in Ninja Team Filebird filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through = 6.4.2.1...

WordPress plugin Filebird 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-7875 · Ninja Team · Filebird

Name of the Vulnerable Software and Affected Versions: Ninja Team Filebird versions 6.4.2.1 and earlier Description: The issue is related to an Authorization Bypass Through User-Controlled Key, which can be exploited due to incorrectly configured access control security levels. Recommendations: F...

WordPress FileBird plugin <= 6.4.2.1 - Insecure Direct Object References (IDOR) vulnerability

Insecure Direct Object References IDOR vulnerability discovered by Revan Arifio Patchstack Alliance in WordPress Plugin Filebird versions = 6.4.2.1...

WordPress Filebird plugin < 5.6.1 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ninjateam:filebird"; ifdescription...

WordPress File Manager Pro – Filester plugin <= 1.8.6 - Missing Authorization to Authenticated (Subscriber+) Filebird Plugin Installation vulnerability

Missing Authorization to Authenticated Subscriber+ Filebird Plugin Installation vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin File Manager Pro versions = 1.8.6...

CVE-2024-12331

The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxinstallplugin' function in all versions up to, and including, 1.8.6. This makes it possible for authenticated attackers, with Subscriber-level acce...

CVE-2024-12331 File Manager Pro – Filester <= 1.8.6 - Missing Authorization to Authenticated (Subscriber+) Filebird Plugin Installation

The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxinstallplugin' function in all versions up to, and including, 1.8.6. This makes it possible for authenticated attackers, with Subscriber-level acce...

CVE-2024-12331 File Manager Pro – Filester <= 1.8.6 - Missing Authorization to Authenticated (Subscriber+) Filebird Plugin Installation

The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajaxinstallplugin' function in all versions up to, and including, 1.8.6. This makes it possible for authenticated attackers, with Subscriber-level acce...

CVE-2024-12331

Vulnerability in File Manager Pro – Filester for WordPress (CVE-2024-12331): a missing capability check in ajax_install_plugin allows authenticated users with Subscriber+ access to install the Filebird plugin, enabling unauthorized data modification. Affected versions: all up to and including 1.8...

PT-2024-17547 · WordPress · File Manager Pro – Filester +1

Name of the Vulnerable Software and Affected Versions: File Manager Pro – Filester plugin for WordPress versions up to, and including, 1.8.6 Description: The issue allows authenticated attackers with Subscriber-level access and above to install the Filebird plugin due to a missing capability chec...

CVE-2023-25966

Missing Authorization vulnerability in Ninja Team Filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through 5.1.4...

CVE-2023-25966

Missing Authorization vulnerability in Ninja Team Filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through 5.1.4...

CVE-2023-25966 WordPress FileBird plugin <= 5.1.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ninja Team Filebird filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through = 5.1.4...

CVE-2023-25966

CVE-2023-25966: FileBird WordPress plugin

CVE-2023-25966 WordPress FileBird plugin <= 5.1.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ninja Team Filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through 5.1.4...

WordPress plugin Filebird 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-12084 · Ninja Team · Filebird

Name of the Vulnerable Software and Affected Versions: Ninja Team Filebird versions through 5.1.4 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions through 5.1.4,...

CVE-2024-53825

Missing Authorization vulnerability in Ninja Team Filebird filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through = 6.3.2...

CVE-2024-53825

Missing Authorization vulnerability in Ninja Team Filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through 6.3.2...