VYPR

Filester

by WordPress

Source repositories

CVEs (2)

  • CVE-2025-3234HigJun 14, 2025
    risk 0.47cvss 7.2epss 0.01

    The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 1.8.8. This makes it possible for authenticated attackers, with Administrator-level access and above, to…

  • CVE-2025-52710MedJun 20, 2025
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ninja Team File Manager Pro filester allows Stored XSS.This issue affects File Manager Pro: from n/a through <= 1.8.8.