CVE-2026-28133

CVE-2026-28133 describes an Unrestricted Upload of a File with a Dangerous Type vulnerability in the WP Chill Filr filr-protection plugin, enabling an attacker to upload a Web Shell to the server. Affected product/component: Filr (filr-protection) versions up to and including 1.2.14. The CVSS v3....

CVE-2026-28133 WordPress Filr plugin <= 1.2.14 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in WP Chill Filr filr-protection allows Upload a Web Shell to a Web Server.This issue affects Filr: from n/a through = 1.2.14...

CVE-2026-28133 WordPress Filr plugin <= 1.2.14 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in WP Chill Filr filr-protection allows Upload a Web Shell to a Web Server.This issue affects Filr: from n/a through = 1.2.14...

WordPress plugin Filr 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress Filr plugin <= 1.2.14 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Que Thanh Tuan in WordPress Plugin Filr versions = 1.2.14...

CVE-2025-14632

The Filr – Secure document library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via unrestricted file upload in all versions up to, and including, 1.2.11 due to insufficient file type restrictions in the FILRUploader class. This makes it possible for authenticated attackers,...

EUVD-2026-3157

The Filr – Secure document library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via unrestricted file upload in all versions up to, and including, 1.2.11 due to insufficient file type restrictions in the FILRUploader class. This makes it possible for authenticated attackers,...

CVE-2025-14632 Filr – Secure document library <= 1.2.11 - Authenticated (Administrator+) Stored Cross-Site Scripting via HTML Upload

The Filr – Secure document library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via unrestricted file upload in all versions up to, and including, 1.2.11 due to insufficient file type restrictions in the FILRUploader class. This makes it possible for authenticated attackers,...

CVE-2025-14632 Filr – Secure document library <= 1.2.11 - Authenticated (Administrator+) Stored Cross-Site Scripting via HTML Upload

The Filr – Secure document library plugin for WordPress is vulnerable to Stored Cross-Site Scripting via unrestricted file upload in all versions up to, and including, 1.2.11 due to insufficient file type restrictions in the FILRUploader class. This makes it possible for authenticated attackers,...

WordPress plugin Filr code issue vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There we...

WordPress Filr - Secure document library plugin <= 1.2.11 - Authenticated (Administrator+) Stored Cross-Site Scripting via HTML Upload vulnerability

WordPress Filr - Secure document library plugin = 1.2.11 - Authenticated Administrator+ Stored Cross-Site Scripting via HTML Upload vulnerability discovered by Phap Nguyen Anh - FIS in WordPress Plugin Filr versions = 1.2.11...

CVE-2025-64230 WordPress Filr plugin <= 1.2.10 - Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WP Chill Filr filr-protection allows Path Traversal.This issue affects Filr: from n/a through = 1.2.10...

CVE-2025-64230 WordPress Filr plugin <= 1.2.10 - Arbitrary File Deletion vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in WP Chill Filr filr-protection allows Path Traversal.This issue affects Filr: from n/a through = 1.2.10...

CVE-2025-64230

WordPress Filr plugin &lt;= 1.2.10 is affected by an Improper Path Restriction allowing Path Traversal that can lead to Arbitrary File Deletion. Root cause: inadequate pathname restrictions enable traversal to restricted areas. Affected product/version: WordPress Filr plugin (

WordPress Filr plugin <= 1.2.10 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Filr versions = 1.2.10...

CVE-2023-5762

The Filr WordPress plugin before 1.2.3.6 is vulnerable from an RCE Remote Code Execution vulnerability, which allows the operating system to execute commands and fully compromise the server on behalf of a user with Author-level privileges...

WordPress plugin Filr 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

WordPress Filr plugin <= 1.2.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by domiee13 Patchstack Alliance in WordPress Plugin Filr versions = 1.2.4...

CVE-2023-5762 Filr – Secure document library < 1.2.3.6 - Author+ RCE via file upload with phar ext

The Filr WordPress plugin before 1.2.3.6 is vulnerable from an RCE Remote Code Execution vulnerability, which allows the operating system to execute commands and fully compromise the server on behalf of a user with Author-level privileges...

WordPress plugin Filr security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in WordPres...