Vulnerabilities > Ninjateam > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-08 | CVE-2023-51406 | Unspecified vulnerability in Ninjateam Fastdup Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team FastDup – Fastest WordPress Migration & Duplicator.This issue affects FastDup – Fastest WordPress Migration & Duplicator: from n/a through 2.1.7. | 7.5 |
| 2023-10-16 | CVE-2023-4861 | Unspecified vulnerability in Ninjateam Filester The File Manager Pro WordPress plugin before 1.8.1 allows admin users to upload arbitrary files, even in environments where such a user should not be able to gain full control of the server, such as a multisite installation. | 7.2 |
| 2023-10-16 | CVE-2023-4827 | Unspecified vulnerability in Ninjateam Filester The File Manager Pro WordPress plugin before 1.8 does not properly check the CSRF nonce in the `fs_connector` AJAX action. | 8.8 |
| 2021-07-12 | CVE-2021-24385 | SQL Injection vulnerability in Ninjateam Filebird 4.7.3 The Filebird Plugin 4.7.3 introduced a SQL injection vulnerability as it is making SQL queries without escaping user input data from a HTTP post request. | 7.5 |
| 2021-07-07 | CVE-2020-24142 | Server-Side Request Forgery (SSRF) vulnerability in Ninjateam Video Downloader for Tiktok 1.3 Server-side request forgery in the Video Downloader for TikTok (aka downloader-tiktok) plugin 1.3 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the njt-tk-download-video parameter. | 7.5 |