3 matches found
EUVD-2021-34183
Malicious code in bioql PyPI...
CVE-2022-2356
The Frontend File Manager & Sharing WordPress plugin before 1.1.3 does not filter file extensions when letting users upload files on the server, which may lead to malicious code being uploaded...
CVE-2021-4365 Frontend File Manager <= 18.2 - Unauthenticated Stored Cross-Site Scripting
The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in versions up to, and including, 18.2. This is due to lacking authentication protections and santisation all on the wpfmeditfiletitledesc AJAX action. This makes it possible for...