3 matches found
CVE-2022-2261
CVE-2022-2261 covers a Local File Inclusion in the WPIDE WordPress plugin before 3.0, caused by the filename parameter not being sanitized/validated before being used in a require statement in the admin dashboard. Affected: WPIDE WordPress plugin versions prior to 3.0. Impact and conditions: LFI ...
CVE-2022-40217
CVE-2022-40217 concerns the WordPress WPide plugin (XplodedThemes) versions ≤ 2.6, with an authenticated ARBITRARY FILE EDIT/UPLOAD vulnerability. Multiple sources confirm that an admin+ user can edit/upload arbitrary files within WPide, indicating a high impact under the documented conditions. P...
CVE-2024-9546
CVE-2024-9546 affects the WPIDE – File Manager & Code Editor WordPress plugin (versions up to and including 3.4.9). The issue is an Unauthenticated Full Path Disclosure caused by the plugin’s use of the PHP-Parser library, which outputs parser rebuild command results. The disclosed information ca...