CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3207 – Simple File List < 4.4.12 - Admin+ Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-3207
The Simple File List WordPress plugin before 4.4.12 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup) El plugin Simple File List de WordPress versiones anteriores a 4.4.12, no sanea y escapa de algunas de sus configuraciones, lo que podría permitir a usuarios con altos privilegios, como el administrador, llevar a cabo ataques de tipo Cross-Site Scripting Almacenado incluso cuando la capacidad unfiltered_html no está permitida (por ejemplo, en una configuración multisitio) The Simple File List plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'tab' and 'subtab' parameters in versions up to, and including, 4.4.11 due to insufficient input sanitization and output escaping. This makes it possible for attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/b57272ea-9a8a-482a-bbaa-5f202ca5b9aa • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3208 – Simple File List < 4.4.13 - Page Creation via CSRF
https://notcve.org/view.php?id=CVE-2022-3208
The Simple File List WordPress plugin before 4.4.12 does not implement nonce checks, which could allow attackers to make a logged in admin create new page and change it's content via a CSRF attack. El plugin Simple File List de WordPress versiones anteriores a 4.4.12, no implementa comprobaciones de nonce, lo que podría permitir a atacantes hacer que un administrador conectado cree una nueva página y cambie su contenido por medio de un ataque de tipo CSRF The Simple File List plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.4.12. This is due to missing or incorrect nonce validation on its page creation function eeSFL_FREE_CreatePostwithShortcode(). This makes it possible for unauthenticated attackers to create new pages and manipulate their contents, via forged request granted they can trick a site administrator into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/80d475ca-b475-4789-8eef-9c4d880853b7 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 1CVE-2022-3062 – Simple File List < 4.4.12 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-3062
The Simple File List WordPress plugin before 4.4.12 does not escape parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting El plugin Simple File List de WordPress versiones anteriores a 4.4.12, no escapa los parámetros antes de devolverlos en atributos, conllevando a un ataque de tipo Cross-Site Scripting Reflejado. The Simple File List plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘tab’ and 'subtab' parameters in versions up to, and including, 4.4.11 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. • https://wpscan.com/vulnerability/2e829bbe-1843-496d-a852-4150fa6d1f7a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2020-12832 – Simple File List <= 4.2.7 - Arbitrary File Deletion
https://notcve.org/view.php?id=CVE-2020-12832
WordPress Plugin Simple File List before 4.2.8 is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input. WordPress Plugin Simple File List anterior a la versión 4.2.8 es propenso a una vulnerabilidad que permite a los atacantes eliminar archivos arbitrarios porque la aplicación no verifica correctamente la entrada proporcionada por el usuario. • https://ctulhu.me/2020/05/16/cve-2020-12832 https://plugins.trac.wordpress.org/changeset/2302759 https://wordpress.org/plugins/simple-file-list/#developers • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 45%CPEs: 1EXPL: 3CVE-2022-1119 – Simple File List <= 3.2.7 - Arbitrary File Download
https://notcve.org/view.php?id=CVE-2022-1119
The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the eeFile parameter found in the ~/includes/ee-downloader.php file due to missing controls which makes it possible unauthenticated attackers to supply a path to a file that will subsequently be downloaded, in versions up to and including 3.2.7. El plugin Simple File List de WordPress es vulnerable a una descarga de archivos arbitrarios por medio del parámetro eeFile que es encontrado en el archivo ~/includes/ee-downloader.php debido a una falta de controles que hace posible que atacantes no autenticados suministren una ruta a un archivo que posteriormente será descargado, en versiones hasta 3.2.7 incluyéndola • https://github.com/z92g/CVE-2022-1119 https://docs.google.com/document/d/1qIZXTzEpI4tO6832vk1KfsSAroT0FY2l--THlhJ8z3c/edit https://plugins.trac.wordpress.org/browser/simple-file-list/trunk/includes/ee-downloader.php?rev=2071880 https://wpscan.com/vulnerability/075a3cc5-1970-4b64-a16f-3ec97e22b606 https://www.wordfence.com/threat-intel/vulnerabilities/id/ff21241d-e488-4460-b8c2-d5a070c8c107?source=cve • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •