CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-5762 – Filr – Secure document library < 1.2.3.6 - Author+ RCE via file upload with phar ext
https://notcve.org/view.php?id=CVE-2023-5762
The Filr WordPress plugin before 1.2.3.6 is vulnerable from an RCE (Remote Code Execution) vulnerability, which allows the operating system to execute commands and fully compromise the server on behalf of a user with Author-level privileges. El complemento Filr de WordPress anterior a 1.2.3.6 es afectado por una vulnerabilidad RCE (ejecución remota de código), que permite al sistema operativo ejecutar comandos y comprometer completamente el servidor en nombre de un usuario con privilegios de nivel de autor. The Filr – Secure document library plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to 1.2.3.5 (inclusive). This makes it possible for authenticated attackers, with author-level or above, to upload arbitrary files on the affected site's server which may make remote code execution possible. • https://wpscan.com/vulnerability/6ad99725-eccc-4b61-bce2-668b62619deb • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-1777 – Filr - Secure Document Library < 1.2.2.1 - Subscriber+ AJAX Calls
https://notcve.org/view.php?id=CVE-2022-1777
The Filr WordPress plugin before 1.2.2.1 does not have authorisation check in two of its AJAX actions, allowing them to be called by any authenticated users, such as subscriber. They are are protected with a nonce, however the nonce is leaked on the dashboard. This could allow them to upload arbitrary HTML files as well as delete all files or arbitrary ones. El plugin Filr de WordPress versiones anteriores a 1.2.2.1, no presenta comprobación de autorización en dos de sus acciones AJAX, lo que permite que sean llamadas por cualquier usuario autenticado, como el suscriptor. Están protegidas con un nonce, sin embargo el nonce es filtrado en el dashboard. • https://wpscan.com/vulnerability/a50dc7f8-a9e6-41fa-a047-ad1c3bc309b4 • CWE-862: Missing Authorization •