Every CVE whose affected-product data names Ninjateam Filester, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (7)
CVE-2023-4827 — CVSS 8.8 (high): The File Manager Pro WordPress plugin before 1.8 does not properly check the CSRF nonce in the `fs_connector` AJAX action. This allows…
CVE-2024-7031 — CVSS 7.5 (high): The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check…
CVE-2024-8066 — CVSS 7.5 (high): The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due to missing validation in the…
CVE-2024-9669 — CVSS 7.2 (high): The File Manager Pro – Filester plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and…
CVE-2023-4861 — CVSS 7.2 (high): The File Manager Pro WordPress plugin before 1.8.1 allows admin users to upload arbitrary files, even in environments where such a user…
CVE-2023-4862 — CVSS 4.8 (medium): The File Manager Pro WordPress plugin before 1.8.1 does not adequately validate and escape some inputs, leading to XSS by high-privilege…
CVE-2024-12331 — CVSS 4.3 (medium): The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check…