Vulnerabilities > Ninjateam > Filebird

DATE CVE VULNERABILITY TITLE RISK
2024-02-05 CVE-2024-0691 Cross-site Scripting vulnerability in Ninjateam Filebird
The FileBird plugin for WordPress is vulnerable to Stored Cross-Site Scripting via imported folder titles in all versions up to, and including, 5.5.8.1 due to insufficient input sanitization and output escaping.
network
low complexity
ninjateam CWE-79
4.8
2021-07-12 CVE-2021-24385 SQL Injection vulnerability in Ninjateam Filebird 4.7.3
The Filebird Plugin 4.7.3 introduced a SQL injection vulnerability as it is making SQL queries without escaping user input data from a HTTP post request.
network
low complexity
ninjateam CWE-89
7.5