VYPR

Fileorganizer

by Fileorganizer

CVEs (3)

  • CVE-2024-5599HigJun 7, 2024
    risk 0.42cvss 7.5epss 0.01

    The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.7 via the 'fileorganizer_ajax_handler' function. This makes it possible for unauthenticated attackers to…

  • CVE-2024-2324MedMay 2, 2024
    risk 0.29cvss 4.4epss 0.00

    The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Stored Cross-Site Scripting via svg file upload in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for…

  • CVE-2024-7985Oct 29, 2024
    risk 0.00cvss epss 0.02

    The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the "fileorganizer_ajax_handler" function in all versions up to, and including, 1.0.9. This makes it possible for…