CVE-2024-53825

CVE-2024-53825 (WordPress FileBird Lite) : A Missing Authorization / Broken Access Control vulnerability affects the FileBird Lite plugin for WordPress (versions up to and including 6.3.2). Public sources in the Connected documents describe an incorrect access control configuration that could be ...

CVE-2024-53825 WordPress FileBird Lite plugin <= 6.3.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ninja Team Filebird filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through = 6.3.2...

CVE-2024-53825 WordPress FileBird Lite plugin <= 6.3.2 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ninja Team Filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through 6.3.2...

WordPress plugin Filebird 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-35941 · Ninja Team · Filebird

Name of the Vulnerable Software and Affected Versions: Ninja Team Filebird versions through 6.3.2 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions through 6.3.2,...

WordPress FileBird Lite plugin <= 6.3.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Filebird versions = 6.3.2...

CVE-2024-10533

The WP Chat App plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the ajaxinstallplugin function in all versions up to, and including, 3.6.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...

CVE-2024-10533 WP Chat App <= 3.6.8 - Missing Authorization to Authenticated (Subscriber+) Filebird Plugin Installation

The WP Chat App plugin for WordPress is vulnerable to unauthorized plugin installation due to a missing capability check on the ajaxinstallplugin function in all versions up to, and including, 3.6.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to...

CVE-2024-10533

CVE-2024-10533 (WP Chat App, WordPress) : A missing authorization check in ajax_install_plugin() across versions up to and including 3.6.8 allows authenticated users with Subscriber+ privileges to install the filebird plugin. Public CVE reports confirm exploitation risks are tied to Broken Access...

WordPress WP Chat App plugin <= 3.6.8 - Missing Authorization to Authenticated (Subscriber+) Filebird Plugin Installation vulnerability

Missing Authorization to Authenticated Subscriber+ Filebird Plugin Installation vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin WP Chat App versions = 3.6.8...

CVE-2024-37504

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team FileBird Document Library.This issue affects FileBird Document Library: from n/a through 2.0.6...

CVE-2024-37504 WordPress FileBird Document Library plugin <= 2.0.6 - Sensitive Data Exposure vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team FileBird Document Library.This issue affects FileBird Document Library: from n/a through 2.0.6...

CVE-2024-37504 WordPress FileBird Document Library plugin <= 2.0.6 - Sensitive Data Exposure vulnerability

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team FileBird Document Library.This issue affects FileBird Document Library: from n/a through 2.0.6...

CVE-2024-37504

CVE-2024-37504 affects the FileBird Document Library WordPress plugin (versions up to 2.0.6). It enables Exposure of Sensitive Information to an Unauthorized Actor, i.e., information disclosure rather than code execution. The CVE entry notes medium severity (CVSS v3.1 score 5.3), with network att...

WordPress plugin FileBird Document Library Information Disclosure Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...

WordPress FileBird Document Library plugin <= 2.0.6 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Peng Zhou Patchstack Alliance in WordPress Plugin FileBird Document Library versions = 2.0.6...

WordPress FileBird Document Library Plugin <= 2.0.6 is vulnerable to Sensitive Data Exposure

Software FileBird Document Library Type Plugin Vulnerable versions = 2.0.6 Fixed in 2.0.8.1 OWASP Top 10 A1: Broken Access Control Classification Sensitive Data Exposure CVE CVE-2024-37504 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 7621ab22a70e Credits Peng Zhou...

CVE-2024-35166

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team Filebird.This issue affects Filebird: from n/a through 5.6.3...

CVE-2024-35166

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team Filebird.This issue affects Filebird: from n/a through 5.6.3...

WordPress plugin Filebird 信息泄露漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure...