Vulnerabilities > Ninjateam > Filester
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-16 | CVE-2023-4861 | Unspecified vulnerability in Ninjateam Filester The File Manager Pro WordPress plugin before 1.8.1 allows admin users to upload arbitrary files, even in environments where such a user should not be able to gain full control of the server, such as a multisite installation. | 7.2 |
| 2023-10-16 | CVE-2023-4862 | Unspecified vulnerability in Ninjateam Filester The File Manager Pro WordPress plugin before 1.8.1 does not adequately validate and escape some inputs, leading to XSS by high-privilege users. | 4.8 |
| 2023-10-16 | CVE-2023-4827 | Unspecified vulnerability in Ninjateam Filester The File Manager Pro WordPress plugin before 1.8 does not properly check the CSRF nonce in the `fs_connector` AJAX action. | 8.8 |