Advanced File Manager Shortcodes vulnerabilities
2 known vulnerabilities affecting advanced_file_manager/advanced_file_manager_shortcodes.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH2
Vulnerabilities
Page 1 of 1
CVE-2023-7061P2HIGHCVSS 8.8≤ 2.5.32024-07-10
CVE-2023-7061 [HIGH] CWE-434 CVE-2023-7061: The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to arbitrary file uploads in
The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 2.5.3. This makes it possible for authenticated attackers with contributor access or above to upload arbitrary files on the affected site's server which may make remote code execution possible.
nvd
CVE-2023-7062P3HIGHCVSS 8.8≤ 2.42024-07-10
CVE-2023-7062 [HIGH] CWE-538 CVE-2023-7062: The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to Directory Traversal in al
The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 2.4. This makes it possible for attackers with contributor access or higher to read the contents of arbitrary files on the server, which can contain sensitive information.
nvd