Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8
CVE-2023-5762
- EPSS 14.24%
- Veröffentlicht 04.12.2023 22:15:07
- Zuletzt bearbeitet 21.11.2024 08:42:26
The Filr WordPress plugin before 1.2.3.6 is vulnerable from an RCE (Remote Code Execution) vulnerability, which allows the operating system to execute commands and fully compromise the server on behalf of a user with Author-level privileges.
8.8
CVE-2022-1777
- EPSS 0.64%
- Veröffentlicht 13.06.2022 13:15:12
- Zuletzt bearbeitet 21.11.2024 06:41:26
The Filr WordPress plugin before 1.2.2.1 does not have authorisation check in two of its AJAX actions, allowing them to be called by any authenticated users, such as subscriber. They are are protected with a nonce, however the nonce is leaked on the ...
1