Vulnerabilities > Ninjateam > Filester > 1.8.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-12-19 | CVE-2024-12331 | Missing Authorization vulnerability in Ninjateam Filester The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ajax_install_plugin' function in all versions up to, and including, 1.8.6. | 4.3 |
| 2024-11-28 | CVE-2024-8066 | Unspecified vulnerability in Ninjateam Filester The File Manager Pro – Filester plugin for WordPress is vulnerable to arbitrary file uploads due to missing validation in the 'fsConnector' function in all versions up to, and including, 1.8.6. | 8.8 |
| 2024-11-28 | CVE-2024-9669 | Path Traversal vulnerability in Ninjateam Filester The File Manager Pro – Filester plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 1.8.5 via the 'fm_locale' parameter. | 7.2 |
| 2024-08-03 | CVE-2024-7031 | Unspecified vulnerability in Ninjateam Filester The File Manager Pro – Filester plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'njt_fs_saveSettingRestrictions' function in all versions up to, and including, 1.8.2. | 8.8 |