Exploit for Unrestricted Upload of File with Dangerous Type in Filemanagerpro File_Manager

wp-file-manager-exploit-CVE-2020-25213-with-Zerologon Project...

CVE-2023-4861

The File Manager Pro WordPress plugin before 1.8.1 allows admin users to upload arbitrary files, even in environments where such a user should not be able to gain full control of the server, such as a multisite installation. This leads to remote code execution...

CVE-2023-4827

The File Manager Pro WordPress plugin before 1.8 does not properly check the CSRF nonce in the fsconnector AJAX action. This allows attackers to make highly privileged users perform unwanted file system actions via CSRF attacks by using GET requests, such as uploading a web shell...

EUVD-2024-49227

Malicious code in bioql PyPI...

EUVD-2024-48462

Malicious code in bioql PyPI...

EUVD-2025-28452

Malicious code in bioql PyPI...

EUVD-2024-48046

Malicious code in bioql PyPI...

EUVD-2023-59207

Malicious code in bioql PyPI...

EUVD-2024-49625

Malicious code in bioql PyPI...

EUVD-2024-49391

Malicious code in bioql PyPI...

EUVD-2024-50355

Malicious code in bioql PyPI...

EUVD-2024-50778

Malicious code in bioql PyPI...

EUVD-2023-54701

Malicious code in bioql PyPI...

EUVD-2024-49481

Malicious code in bioql PyPI...

WordPress File Manager Pro plugin <= 1.8.9 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by tiborisaak in WordPress Plugin File Manager Pro versions = 1.8.9...

CVE-2025-52710

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ninja Team File Manager Pro filester allows Stored XSS.This issue affects File Manager Pro: from n/a through = 1.8.8...

CVE-2025-52710

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ninja Team File Manager Pro filester allows Stored XSS.This issue affects File Manager Pro: from n/a through = 1.8.8...

CVE-2025-52710

CVE-2025-52710 affects WordPress plugin “File Manager Pro – Filester” (versions up to and including 1.8.8). The vulnerability is a stored Cross-Site Scripting (XSS) caused by improper neutralization of input during web page generation. Public references in the CVE records indicate a patch has bee...

CVE-2025-52710 WordPress File Manager Pro plugin <= 1.8.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ninja Team File Manager Pro filester allows Stored XSS.This issue affects File Manager Pro: from n/a through = 1.8.8...

CVE-2025-52710 WordPress File Manager Pro plugin <= 1.8.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ninja Team File Manager Pro allows Stored XSS. This issue affects File Manager Pro: from n/a through 1.8.8...