Every CVE whose affected-product data names Ninjateam Filebird, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2021-24385 — CVSS 9.8 (critical): The Filebird Plugin 4.7.3 introduced a SQL injection vulnerability as it is making SQL queries without escaping user input data from a HTTP…
CVE-2024-2345 — CVSS 6.4 (medium): The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the…
CVE-2023-25966 — CVSS 5.5 (medium): Missing Authorization vulnerability in Ninja Team Filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This…
CVE-2024-0691 — CVSS 5.5 (medium): The FileBird plugin for WordPress is vulnerable to Stored Cross-Site Scripting via imported folder titles in all versions up to, and…
CVE-2024-2346 — CVSS 5.4 (medium): The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable to Insecure Direct Object Reference in…
CVE-2024-35166 — CVSS 5.3 (medium): Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team Filebird.This issue affects Filebird: from n/a…
CVE-2024-53825 — CVSS 4.7 (medium): Missing Authorization vulnerability in Ninja Team Filebird filebird allows Exploiting Incorrectly Configured Access Control Security…
CVE-2025-26977 — CVSS 3.8 (low): Authorization Bypass Through User-Controlled Key vulnerability in Ninja Team Filebird filebird allows Exploiting Incorrectly Configured…