Filtered by vendor Webdesi9
Subscribe
Search
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-24177 | 1 Webdesi9 | 1 File Manager | 2021-04-09 | 3.5 LOW | 5.4 MEDIUM |
| In the default configuration of the File Manager WordPress plugin before 7.1, a Reflected XSS can occur on the endpoint /wp-admin/admin.php?page=wp_file_manager_properties when a payload is submitted on the User-Agent parameter. The payload is then reflected back on the web application response. | |||||
| CVE-2018-16363 | 1 Webdesi9 | 1 File Manager | 2018-11-06 | 3.5 LOW | 5.4 MEDIUM |
| The mndpsingh287 File Manager plugin V2.9 for WordPress has XSS via the lang parameter in a wp-admin/admin.php?page=wp_file_manager request because set_transient is used in file_folder_manager.php and there is an echo of lang in lib\wpfilemanager.php. | |||||
| CVE-2017-17744 | 1 Webdesi9 | 1 Custom Map | 2018-01-08 | 4.3 MEDIUM | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the custom-map plugin through 1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the map_id parameter to view/advancedsettings.php. | |||||