which could lead to the execution of malicious code if a malicious user has access to the server. The update version 4.4.12 fixes this issue. Update from any version above 4.4.12 to version 4.4.12 or later.
Simple File List plugin before 4.4.12 does not escape parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting. This issue has been fixed in version 4.4.12. Update from any version above 4.4.12 to version 4.4.12 or later.
Simple File List WordPress plugin before 4.4.12 does not escape parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting. This issue has been fixed in version 4.4.12. Update from any version above 4.4.12 to version 4.4.12 or later.
Simple File List WordPress plugin before 4.4.12 does not escape parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting. This issue has been fixed in version 4.4.12. Update from any version above 4.4.12 to version 4.4.12 or later.
Simple File List WordPress plugin before 4.4.12 does not escape parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting. This issue has been fixed in version 4.4.
Upgrade from version 4.4.11 or earlier
Simple File List WordPress plugin before 4.4.12 does not escape parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting. This issue has been fixed in version 4.4.12. Update from any version above 4.4.12 to version 4.4.12 or later to resolve this vulnerability and protect your website from malicious code execution by malicious users if they have access to your server's files on the site root directory or a subdirectory thereof
The most recent update of this plugin fixes the issue and protects your website from the potential for malicious code execution by malicious users if they have access to your server's files on the site root directory or a subdirectory thereof
What to do if you are affected?
If you are affected, update from any version above 4.4.12 to version 4.4.12 or later.
Another Wordpress Vulnerability Found
This bug was found in Simple File List plugin before 4.4 and was fixed in version 4.4.
Update from any version above 4.4 to version 4.4 or later.
Simple File List WordPress plugin before 4.4 does not escape parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting. This issue has been fixed in version 4.4.12 Update from any version above 4.4 to version 4.4 or later
Timeline
Published on: 09/26/2022 13:15:00 UTC
Last modified on: 09/27/2022 03:44:00 UTC