2 matches found
CVE-2024-8066 File Manager Pro – Filester <= 1.8.6- Authenticated (Subscriber+) Arbitrary File Upload
The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due to missing validation in the 'fsConnector' function in all versions up to, and including, 1.8.6. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted...
WordPress File Manager Pro Plugin <= 1.8.4 is vulnerable to Arbitrary File Upload
Software File Manager Pro Type Plugin Vulnerable versions = 1.8.4 Fixed in 1.8.5 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-8066 Patch priority High CVSS severity High 8.5 Developer Claim ownership PSID 0f4641bb0b51 Credits TANG Cheuk Hei siunam Required privileg...