WordPress File Manager Pro – Filester plugin <= 1.8.8 - Authenticated (Administrator+) Arbitrary File Upload vulnerability

Authenticated Administrator+ Arbitrary File Upload vulnerability discovered by TANG Cheuk Hei siunam in WordPress Plugin File Manager Pro versions = 1.8.8...

WordPress File Manager Pro Plugin <= 8.3.9 is vulnerable to Arbitrary File Upload

Software File Manager Pro Type Plugin Vulnerable versions = 8.3.9 Fixed in 8.3.10 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-8918 Patch priority High CVSS severity High 7.4 Developer Claim ownership PSID 8b2de26c1b42 Credits TANG Cheuk Hei siunam Required privile...

WordPress File Manager Pro Plugin <= 8.3.7 is vulnerable to Arbitrary File Upload

Software File Manager Pro Type Plugin Vulnerable versions = 8.3.7 Fixed in 8.3.8 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2024-7559 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID fdf245f6ed76 Credits siunam Required privilege Subscriber...

WordPress File Manager Pro Plugin <= 8.3.4 is vulnerable to Path Traversal

Software File Manager Pro Type Plugin Vulnerable versions = 8.3.4 Fixed in 8.3.5 OWASP Top 10 A4: Insecure Design Classification Path Traversal CVE CVE-2023-6825 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID dab5b86a4777 Credits Tobias Weißhaar kun19 Required privilege...

WordPress File Manager Pro Plugin <= 8.3.4 is vulnerable to Cross Site Scripting (XSS)

Software File Manager Pro Type Plugin Vulnerable versions = 8.3.4 Fixed in 8.3.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-7015 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 809f77f5638f Credits Tobias Weißhaar...