3 matches found
CVE-2024-11010
The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 1.1.4 via the 'defaultlang' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, ...
CVE-2024-11010
creationtimestamp| type| source ---|---|--- 2024-12-07 09:29:15+00:00| seen| https://infosec.exchange/users/cve/statuses/113610834215466005 2024-12-07 11:42:03+00:00| seen| https://t.me/cvedetector/12320...
CVE-2024-11010
CVE-2024-11010 affects FileOrganizer – Manage WordPress and Website Files (WordPress) up to version 1.1.4. It allows Local JavaScript File Inclusion via the default_lang parameter. Exploitation requires Administrator-level access, and can cause arbitrary JavaScript execution on the server, potent...