18 matches found
EUVD-2020-16880
Malware in sbrugna...
CVE-2020-24144
Directory traversal in the Media File Organizer aka media-file-organizer plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items parameter in a move operation...
PT-2024-16699 · WordPress · Fileorganizer
Name of the Vulnerable Software and Affected Versions: FileOrganizer – Manage WordPress and Website Files plugin for WordPress versions up to, and including, 1.1.4 Description: The issue allows authenticated attackers with Administrator-level access and above to include and execute arbitrary file...
CVE-2024-7985
The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the "fileorganizerajaxhandler" function in all versions up to, and including, 1.0.9. This makes it possible for authenticated attackers, with...
CVE-2024-5599
The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.7 via the 'fileorganizerajaxhandler' function. This makes it possible for unauthenticated attackers to extract sensitive data...
CVE-2024-5599
The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.7 via the 'fileorganizerajaxhandler' function. This makes it possible for unauthenticated attackers to extract sensitive data...
CVE-2024-2324
The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Stored Cross-Site Scripting via svg file upload in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers t...
PT-2024-19734 · WordPress · The Fileorganizer – Manage Wordpress/Website Files
Name of the Vulnerable Software and Affected Versions: The FileOrganizer – Manage WordPress and Website Files plugin for WordPress versions up to, and including, 1.0.6 Description: The issue is related to Stored Cross-Site Scripting via svg file upload due to insufficient input sanitization and...
CVE-2023-3664
The FileOrganizer WordPress plugin through 1.0.2 does not restrict functionality on multisite instances, allowing site admins to gain full control over the server...
WordPress Media File Organizer plugin directory traversal vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A directory traversal vulnerability exists in version 1.0.1 of the Media File Organizer plugin for...
CVE-2020-24144
Directory traversal in the Media File Organizer aka media-file-organizer plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items parameter in a move operation...
CVE-2020-24144
Directory traversal in the Media File Organizer aka media-file-organizer plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items parameter in a move operation...
Directory traversal
Directory traversal in the Media File Organizer aka media-file-organizer plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items parameter in a move operation...
CVE-2020-24144
Directory traversal in the Media File Organizer aka media-file-organizer plugin 1.0.1 for WordPress lets an attacker get access to files that are stored outside the web root folder via the items parameter in a move operation...
CVE-2020-24144
CVE-2020-24144 concerns a directory traversal in the WordPress plugin “Media File Organizer” (version 1.0.1 and earlier). The vulnerability arises from the plugin’s move operation failing to properly filter/sanitize user-supplied input, allowing an attacker to access files stored outside the web ...
in tagspaces/tagspaces
Vulnerability Code Execution using Reflected Cross Site Scripting ✍️ Description Tagspaces is a file organizer that also works as a file manager. When you open a file, it tries to provide a preview of common files like images, code and text files. But if the extension is not known to tagspaces, it...
Media File Organizer <= 1.0.1 - Directory Traversal
The plugin does not sanitize user supplied input before moving file into web accessible paths, allowing for files located outside of the web accessible directories to be made accessible via the web...
[SECURITY] Fedora 28 Update: cantata-2.3.1-1.fc28
Cantata is a graphical client for the music player daemon MPD. Features: Multiple MPD collections. Highly customisable layout. Songs grouped by album in play queue. Context view to show artist, album, and song information of current track. Simple tag editor. File organizer - use tags to organize...