Vulnerabilities > Ninjateam > Filester > High

DATE CVE VULNERABILITY TITLE RISK
2023-10-16 CVE-2023-4861 Unspecified vulnerability in Ninjateam Filester
The File Manager Pro WordPress plugin before 1.8.1 allows admin users to upload arbitrary files, even in environments where such a user should not be able to gain full control of the server, such as a multisite installation.
network
low complexity
ninjateam
7.2
2023-10-16 CVE-2023-4827 Unspecified vulnerability in Ninjateam Filester
The File Manager Pro WordPress plugin before 1.8 does not properly check the CSRF nonce in the `fs_connector` AJAX action.
network
low complexity
ninjateam
8.8