CVE-2023-4297

The Mmm Simple File List WordPress plugin through 2.3 does not validate the generated path to list files from, allowing any authenticated users, such as subscribers, to list the content of arbitrary directories...

CVE-2023-4514

The Mmm Simple File List WordPress plugin through 2.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2023-4514

The Mmm Simple File List WordPress plugin through 2.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2023-4514

CVE-2023-4514 affects the Mmm Simple File List WordPress plugin (versions

CVE-2023-4514 Mmm Simple File List <= 2.3 - Contributor+ Stored XSS

The Mmm Simple File List WordPress plugin through 2.3 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

CVE-2023-4297

CVE-2023-4297: The Mmm Simple File List WordPress plugin (versions

CVE-2023-4297 Mmm Simple File List <= 2.3 - Subscriber+ Arbitrary Directory Listing

The Mmm Simple File List WordPress plugin through 2.3 does not validate the generated path to list files from, allowing any authenticated users, such as subscribers, to list the content of arbitrary directories...

WordPress plugin Mmm Simple File List Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2023-28660 · WordPress · Mmm Simple File List

Name of the Vulnerable Software and Affected Versions: Mmm Simple File List WordPress plugin versions prior to 2.3 Description: The issue allows any authenticated users, such as subscribers, to list the content of arbitrary directories due to a lack of validation in the generated path...

PT-2023-29434 · WordPress · Mmm Simple File List

Name of the Vulnerable Software and Affected Versions: Mmm Simple File List WordPress plugin versions prior to 2.3 Description: The issue allows users with the contributor role and above to perform Stored Cross-Site Scripting attacks due to the plugin's failure to validate and escape some of its...

WordPress Mmm Simple File List Plugin <= 2.3 is vulnerable to Sensitive Data Exposure

Software Mmm Simple File List Type Plugin Vulnerable versions = 2.3 Fixed in N/A OWASP Top 10 A3: Sensitive Data Exposure Classification Sensitive Data Exposure CVE CVE-2023-4297 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 23f215a8b1b9 Credits Dmitrii Required privileg...

WordPress Mmm Simple File List Plugin <= 2.3 is vulnerable to Cross Site Scripting (XSS)

Software Mmm Simple File List Type Plugin Vulnerable versions = 2.3 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4514 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2751f94a869f Credits Erwan LR WPScan Require...