Malicious code in com.outsystems.plugins.fileviewer (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 68e48c3e2dce6b01b3a80e3284dea055908e7c232a4f9fa11407fd851f4c0ecc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2021-24491

The Fileviewer WordPress plugin through 2.2 does not have CSRF checks in place when performing actions such as upload and delete files. As a result, attackers could make a logged in administrator delete and upload arbitrary files via a CSRF attack...