5 matches found
CVE-2023-6846
creationtimestamp| type| source ---|---|--- 2024-02-09 19:17:19+00:00| seen| https://t.me/ctinow/182207 2024-02-18 08:01:37+00:00| seen| https://t.me/ctinow/187152...
CVE-2023-6846
The File Manager Pro plugin for WordPress is vulnerable to Arbitrary File Upload in all versions up to, and including, 8.3.4 via the mkcheckfilemanagerphpsyntax AJAX function. This makes it possible for authenticated attackers, with subscriber access and above, to execute code on the server...
CVE-2023-6846
The File Manager Pro WordPress plugin (wp-file-manager-pro) is vulnerable to Arbitrary File Upload in versions up to and including 8.3.4 via the mk_check_filemanager_php_syntax AJAX function. Authenticated users with subscriber access can cause server-side code execution. Version 8.3.5 adds a cap...
High Severity Arbitrary File Upload Vulnerability Patched in File Manager Pro WordPress Plugin
On December 14th, 2023, shortly after the launch of our Holiday Bug Extravaganza, we received a submission for an Arbitrary File Upload vulnerability in File Manager Pro, a WordPress plugin with an estimated 10,000+ active installations. This vulnerability made it possible for authenticated...
WordPress File Manager Pro Plugin <= 8.3.4 is vulnerable to Arbitrary File Upload
Software File Manager Pro Type Plugin Vulnerable versions = 8.3.4 Fixed in 8.3.5 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-6846 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID f7afa0b6cb70 Credits Tobias Weißhaar kun19 Required privileg...