CVE-2022-2554 The Enable Media Replace plugin before 4.0.0 doesn't ensure that renamed files are moved to the Upload folder, which could be vulnerable to a path traversal attack.
This could allow high privilege users to delete the contents of the media folder outside the web root and possibly leak sensitive information. WordPress 4.
CVE-2022-3209 The id, datafilter, and others parameters in the penci_more_slist_post_ajax AJAX action are not sanitised, leading to a Reflected XSS vulnerability.
This issue could be exploited by injecting malicious code into the {id,datafilter[type],...} parameters when a user clicks on the penci_more_slist_post_
CVE-2022-3208 The before 4.4.12 version of the Simple File List plugin doesn't have nonce checks, which could be exploited in a CSRF attack.
WordPress does not have a way to validate nonces on the front end, so this vulnerability could be exploited by an attacker without requiring any
CVE-2022-3207 The Before version of the Simple File List plugin has a security issue where high privilege users can do CSST.
The issue was discovered when Simple File List team updated their plugin to version 4.4.12, which introduced a new feature to be able
CVE-2022-2981 The Download Monitor plugin before 4.5.98 doesn't check files to be downloaded are in the blog folders, allowing high-privilege users such as admins to download wp-config.php or /etc/passwd.
This issue has been fixed in version 4.5.99. If you have installed version 4.5.98 or earlier, you need to update to
Episode
00:00:00
00:00:00