Mediajedi User Private Files — known CVE vulnerabilities
Every CVE whose affected-product data names Mediajedi User Private Files, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2022-2356 — CVSS 8.8 (high): The Frontend File Manager & Sharing WordPress plugin before 1.1.3 does not filter file extensions when letting users upload files on the…
CVE-2024-7848 — CVSS 4.3 (medium): The User Private Files – WordPress File Sharing Plugin plugin for WordPress is vulnerable to Insecure Direct Object Reference in all…