CVE-2018-16967 – File Manager <= 3.0 - Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-16967
There is an XSS vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wp_file_manager_root public_path parameter. El plugin mndpsingh287 File Manager para WordPress es vulnerable a un Cross-site scripting (XSS) a través del parametro page=wp_file_manager_root public_path. There is an XSS vulnerability in the File Manager plugin 3.0 for WordPress via the page=wp_file_manager_root public_path parameter. • https://ansawaf.blogspot.com/2019/04/file-manager-plugin-wordpress-plugin.html https://wordpress.org/plugins/wp-file-manager/#developers https://wpvulndb.com/vulnerabilities/9614 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-16966 – File Manager <= 3.0 - Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2018-16966
There is a CSRF vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wp_file_manager_root public_path parameter. El plugin mndpsingh287 File Manager para WordPress es vulnerable a un Cross-site request forgery (CSRF) a través del parametro page=wp_file_manager_root public_path. There is a CSRF vulnerability in the File Manager plugin 3.0 for WordPress via the page=wp_file_manager_root public_path parameter. • https://ansawaf.blogspot.com/2019/04/file-manager-plugin-wordpress-plugin.html https://wordpress.org/plugins/wp-file-manager/#developers https://wpvulndb.com/vulnerabilities/9614 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2018-25105 – File Manager <= 3.0 - Unauthenticated Arbitrary File Upload/Download
https://notcve.org/view.php?id=CVE-2018-25105
The File Manager plugin for WordPress is vulnerable to authorization bypass due to a missing capability check in the /inc/root.php file in versions up to, and including, 3.0. This makes it possible for unauthenticated attackers to download arbitrary files from the server and upload arbitrary files that can be used for remote code execution. • https://www.wordfence.com/threat-intel/vulnerabilities/id/a56d5a2f-ae13-4523-bc4a-17bb2fb4c6f0?source=cve https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&old=1942390%40wp-file-manager&new=1942390%40wp-file-manager&sfp_email=&sfph_mail= • CWE-862: Missing Authorization •
CVE-2018-16363 – File Manager <= 2.9 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-16363
The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via the lang parameter in a wp-admin/admin.php?page=wp_file_manager request because set_transient is used in file_folder_manager.php and there is an echo of lang in lib\wpfilemanager.php. El plugin mndpsingh287 File Manager V2.9 para WordPress tiene Cross-Site Scripting (XSS) mediante el parámetro lang en una petición wp-admin/admin.php?page=wp_file_manager debido a que se emplea set_transient en file_folder_manager.php y hay un eco de lang en lib\wpfilemanager.php. • http://blog.51cto.com/010bjsoft/2171087 https://plugins.trac.wordpress.org/changeset/1936043 https://wordpress.org/support/topic/security-concern-6/#post-10655739 https://wpvulndb.com/vulnerabilities/9126 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-7204 – Bit File Manager <= 5.0.0 - Information Disclosure
https://notcve.org/view.php?id=CVE-2018-7204
inc/logger.php in the Giribaz File Manager plugin before 5.0.2 for WordPress logged activity related to the plugin in /wp-content/uploads/file-manager/log.txt. If a user edits the wp-config.php file using this plugin, the wp-config.php contents get added to log.txt, which is not protected and contains database credentials, salts, etc. These files have been indexed by Google and a simple dork will find affected sites. inc/logger.php en el plugin Giribaz File Manager, en versiones anteriores a la 5.0.2, para WordPress registraba la actividad relacionada con el plugin en /wp-content/uploads/file-manager/log.txt. Si un usuario edita el archivo wp-config.php empleando este plugin, el contenido de wp-config.php se añade a log.txt, que no está protegido y contiene credenciales de base de datos, sales, etc. Estos archivos han sido indexados por Google y una simple búsqueda con Dork encontrará los sitios afectados. • https://plugins.trac.wordpress.org/changeset/1823035/file-manager https://wordpress.org/plugins/file-manager/#developers https://wpvulndb.com/vulnerabilities/9036 • CWE-532: Insertion of Sensitive Information into Log File •