3 matches found
Simple File List WordPress Plugin 4.2.2 - File Upload to RCE
Exploit Title: Simple File List WordPress Plugin 4.2.2 - File Upload to RCE Google Dork: inurl:/wp-content/plugins/simple-file-list/ Date: 2025-07-15 Exploit Author: Md Amanat Ullah xSwads Vendor Homepage: https://wordpress.org/plugins/simple-file-list/ Software Link:...
CVE-2020-36847
The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function which can be used to rename uploaded PHP code with a png extension to use a php extension. This allows unauthenticated attackers to execute code on the...
CVE-2020-36847
creationtimestamp| type| source ---|---|--- 2020-12-03 16:03:35+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/wpsimplefilelistrce.rb 2025-07-13 21:02:21+00:00| seen| https://bsky.app/profile/beikokucyber.bsky.social/post/3lturhz35mw22 2025-07-...