Vulnerabilities > Ninjateam > Filester > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-16 | CVE-2023-4861 | Unspecified vulnerability in Ninjateam Filester The File Manager Pro WordPress plugin before 1.8.1 allows admin users to upload arbitrary files, even in environments where such a user should not be able to gain full control of the server, such as a multisite installation. | 7.2 |
2023-10-16 | CVE-2023-4827 | Unspecified vulnerability in Ninjateam Filester The File Manager Pro WordPress plugin before 1.8 does not properly check the CSRF nonce in the `fs_connector` AJAX action. | 8.8 |