CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Filemanagerpro: Security Vulnerabilities

CVE-2018-16966

There is a CSRF vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wp_file_manager_root public_path parameter.

CVSS Score

8.8

EPSS Score

0.002

Published

2019-04-15

CVE-2018-16967

There is an XSS vulnerability in the mndpsingh287 File Manager plugin 3.0 for WordPress via the page=wp_file_manager_root public_path parameter.

CVSS Score

6.1

EPSS Score

0.004

Published

2019-04-15

CVE-2018-16363

The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via the lang parameter in a wp-admin/admin.php?page=wp_file_manager request because set_transient is used in file_folder_manager.php and there is an echo of lang in lib\wpfilemanager.php.

CVSS Score

5.4

EPSS Score

0.002

Published

2018-09-07

Page 2

Vulnerabilities

Vulnerable Software

Filemanagerpro: Security Vulnerabilities

Products

Pricing

Contact Us