Lucene search
K

4 matches found

Patchstack
Patchstack
added 2025/03/20 2:44 a.m.8 views

WordPress File Away plugin <= 3.9.9.0.1 - Missing Authorization to Unauthenticated Arbitrary File Read vulnerability

Missing Authorization to Unauthenticated Arbitrary File Read vulnerability discovered by Sélim Lanouar whattheslime in WordPress Plugin File Away versions = 3.9.9.0.1...

7.5CVSS8.8AI score0.0155EPSS
Exploits6References1Affected Software1
OSV
OSV
added 2023/06/12 6:15 p.m.3 views

CVE-2023-0431

The File Away WordPress plugin through 3.9.9.0.1 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...

5.4CVSS6.7AI score
Exploits0References1
CNNVD
CNNVD
added 2023/06/12 12:0 a.m.7 views

WordPress Plugin File Away 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

5.4CVSS6.5AI score0.0037EPSS
Exploits1References2
Patchstack
Patchstack
added 2023/05/17 12:0 a.m.12 views

WordPress File Away Plugin <= 3.9.9.0.1 is vulnerable to Cross Site Scripting (XSS)

Software File Away Type Plugin Vulnerable versions = 3.9.9.0.1 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-0431 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID c7613f6f78f2 Credits Lana Codes Required...

5.4CVSS5.6AI score0.0037EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder