Vulnerabilities > Wpjos
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-06-23 | CVE-2017-20091 | Cross-Site Request Forgery (CSRF) vulnerability in Wpjos Library File Manager 3.0.1 A vulnerability was found in File Manager Plugin 3.0.1. | 4.3 |
| 2022-04-04 | CVE-2022-0403 | Unrestricted Upload of File with Dangerous Type vulnerability in Wpjos Library File Manager The Library File Manager WordPress plugin before 5.2.3 is using an outdated version of the elFinder library, which is know to be affected by security issues (CVE-2021-32682), and does not have any authorisation as well as CSRF checks in its connector AJAX action, allowing any authenticated users, such as subscriber to call it. | 5.5 |