Filtered by vendor Bitapps
Subscriptions
Filtered by product File Manager
Subscriptions
Total
3 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2024-7627 | 1 Bitapps | 1 File Manager | 2024-09-11 | 8.1 High |
The Bit File Manager plugin for WordPress is vulnerable to Remote Code Execution in versions 6.0 to 6.5.5 via the 'checkSyntax' function. This is due to writing a temporary file to a publicly accessible directory before performing file validation. This makes it possible for unauthenticated attackers to execute code on the server if an administrator has allowed Guest User read permissions. | ||||
CVE-2022-47599 | 1 Bitapps | 1 File Manager | 2024-08-03 | 5.5 Medium |
Deserialization of Untrusted Data vulnerability in File Manager by Bit Form Team File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager.This issue affects File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager: from n/a through 5.2.7. | ||||
CVE-2023-5907 | 1 Bitapps | 1 File Manager | 2024-08-02 | 6.5 Medium |
The File Manager WordPress plugin before 6.3 does not restrict the file managers root directory, allowing an administrator to set a root outside of the WordPress root directory, giving access to system files and directories even in a multisite setup, where site administrators should not be allowed to modify the sites files. |
Page 1 of 1.