Lucene search
K

18 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.2 views

EUVD-2020-16880

Malware in sbrugna...

8.6CVSS8.7AI score0.01998EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 5:1 p.m.4 views

CVE-2020-24144

Directory traversal in the Media File Organizer aka media-file-organizer plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items parameter in a move operation...

8.6CVSS6.7AI score0.01998EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/12/07 12:0 a.m.5 views

PT-2024-16699 · WordPress · Fileorganizer

Name of the Vulnerable Software and Affected Versions: FileOrganizer – Manage WordPress and Website Files plugin for WordPress versions up to, and including, 1.1.4 Description: The issue allows authenticated attackers with Administrator-level access and above to include and execute arbitrary file...

7.2CVSS8AI score0.0083EPSS
Exploits0References12
OSV
OSV
added 2024/10/29 4:15 p.m.6 views

CVE-2024-7985

The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the "fileorganizerajaxhandler" function in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with...

8.8CVSS6.4AI score0.02235EPSS
Exploits1References3
OSV
OSV
added 2024/06/07 1:15 p.m.3 views

CVE-2024-5599

The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.7 via the 'fileorganizerajaxhandler' function. This makes it possible for unauthenticated attackers to extract sensitive data...

7.5CVSS5.8AI score0.00522EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2024/06/07 1:15 p.m.2 views

CVE-2024-5599

The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.7 via the 'fileorganizerajaxhandler' function. This makes it possible for unauthenticated attackers to extract sensitive data...

7.5CVSS5.8AI score0.00522EPSS
Exploits0References4
OSV
OSV
added 2024/05/02 5:15 p.m.4 views

CVE-2024-2324

The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Stored Cross-Site Scripting via svg file upload in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers t...

5.4CVSS5.9AI score0.0032EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.8 views

PT-2024-19734 · WordPress · The Fileorganizer – Manage Wordpress/Website Files

Name of the Vulnerable Software and Affected Versions: The FileOrganizer – Manage WordPress and Website Files plugin for WordPress versions up to, and including, 1.0.6 Description: The issue is related to Stored Cross-Site Scripting via svg file upload due to insufficient input sanitization and...

5.4CVSS6.1AI score0.0032EPSS
Exploits0References5
OSV
OSV
added 2023/09/25 4:15 p.m.5 views

CVE-2023-3664

The FileOrganizer WordPress plugin through 1.0.2 does not restrict functionality on multisite instances, allowing site admins to gain full control over the server...

7.2CVSS7.2AI score0.00628EPSS
Exploits1References1
CNVD
CNVD
added 2021/07/09 12:0 a.m.14 views

WordPress Media File Organizer plugin directory traversal vulnerability

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A directory traversal vulnerability exists in version 1.0.1 of the Media File Organizer plugin for...

8.6CVSS8.7AI score0.01998EPSS
Exploits0References1
NVD
NVD
added 2021/07/07 2:15 p.m.12 views

CVE-2020-24144

Directory traversal in the Media File Organizer aka media-file-organizer plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items parameter in a move operation...

8.6CVSS0.01998EPSS
Exploits0References2
OSV
OSV
added 2021/07/07 2:15 p.m.3 views

CVE-2020-24144

Directory traversal in the Media File Organizer aka media-file-organizer plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items parameter in a move operation...

8.6CVSS5.8AI score0.01998EPSS
Exploits0References2
Prion
Prion
added 2021/07/07 2:15 p.m.16 views

Directory traversal

Directory traversal in the Media File Organizer aka media-file-organizer plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items parameter in a move operation...

5CVSS8.4AI score0.01998EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2021/07/07 1:37 p.m.14 views

CVE-2020-24144

Directory traversal in the Media File Organizer aka media-file-organizer plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items parameter in a move operation...

8.6AI score0.01998EPSS
Exploits0References2
CVE
CVE
added 2021/07/07 1:37 p.m.38 views

CVE-2020-24144

CVE-2020-24144 concerns a directory traversal in the WordPress plugin “Media File Organizer” (version 1.0.1 and earlier). The vulnerability arises from the plugin’s move operation failing to properly filter/sanitize user-supplied input, allowing an attacker to access files stored outside the web ...

8.6CVSS8.4AI score0.01998EPSS
Exploits0References2Affected Software1
Huntr
Huntr
added 2021/05/18 6:2 a.m.16 views

in tagspaces/tagspaces

Vulnerability Code Execution using Reflected Cross Site Scripting ✍️ Description Tagspaces is a file organizer that also works as a file manager. When you open a file, it tries to provide a preview of common files like images, code and text files. But if the extension is not known to tagspaces, it...

0.2AI score
Exploits0
WPVulnDB
WPVulnDB
added 2021/04/13 12:0 a.m.15 views

Media File Organizer <= 1.0.1 - Directory Traversal

The plugin does not sanitize user supplied input before moving file into web accessible paths, allowing for files located outside of the web accessible directories to be made accessible via the web...

5CVSS5.1AI score0.01998EPSS
Exploits0References1Affected Software1
Fedora
Fedora
added 2018/07/06 4:45 p.m.66 views

[SECURITY] Fedora 28 Update: cantata-2.3.1-1.fc28

Cantata is a graphical client for the music player daemon MPD. Features: Multiple MPD collections. Highly customisable layout. Songs grouped by album in play queue. Context view to show artist, album, and song information of current track. Simple tag editor. File organizer - use tags to organize...

9.8CVSS0.4AI score0.02068EPSS
Exploits0
Rows per page
Query Builder