| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-8538 | Big File Uploads <= 2.1.2 - Authenticated (Author+) Full Path Disclosure | bww | Big File Uploads – Increase Maximum File Upload Size | Medium | 4.3 | 2024-09-07 08:37:02 | Deep Dive |
| CVE-2024-7627 | Bit File Manager 6.0 - 6.5.5 - Unauthenticated Remote Code Execution via Race Condition | bitpressadmin | Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress | High | 8.1 | 2024-09-05 02:04:25 | Deep Dive |
| CVE-2023-26321 | The international version of Xiaomi File Manager has a path traversal vulnerability | Xiaomi | Xiaomi File Manager App International Version | Medium | 6.3 | 2024-08-28 07:51:29 | Deep Dive |
| CVE-2024-7559 | File Manager Pro <= 8.3.7 - Authenticated (Subscriber+) Arbitrary File Upload | File Manager | File Manager Pro | High | 8.8 | 2024-08-23 02:31:47 | Deep Dive |
| CVE-2024-7848 | User Private Files <= 2.1.0 - Insecure Direct Object Reference to Authenticated (Subscriber+) Private File Access | deepakkite | File Sharing & Download Manager – User Private Files | Medium | 4.3 | 2024-08-22 10:58:41 | Deep Dive |
| CVE-2024-7301 | WordPress File Upload <= 4.24.8 - Unauthenticated Stored Cross-Site Scripting via SVG File Upload | nickboss | Iptanus File Upload | High | 7.2 | 2024-08-16 04:29:27 | Deep Dive |
| CVE-2024-7660 | SourceCodester File Manager App Add File cross site scripting | SourceCodester | File Manager App | Low | 3.5 | 2024-08-11 03:00:08 | Deep Dive |
| CVE-2024-6494 | WordPress File Upload < 4.24.8 - Unauthenticated Stored XSS | Unknown | WordPress File Upload | - | - | 2024-08-07 06:00:06 | Deep Dive |
| CVE-2024-7317 | Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager <= 3.0.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via SVG File Upload | premio | Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager | Medium | 6.4 | 2024-08-06 10:59:36 | Deep Dive |
| CVE-2024-6651 | WordPress File Upload < 4.24.8 - Reflected XSS | Unknown | WordPress File Upload | - | - | 2024-08-06 06:00:03 | Deep Dive |
| CVE-2024-7031 | File Manager Pro – Filester <= 1.8.2 - Authenticated Plugin Settings Update | ninjateam | File Manager Pro – Filester | High | 7.5 | 2024-08-03 08:36:58 | Deep Dive |
| CVE-2024-5852 | WordPress File Upload <= 4.24.7 - Authenticated (Contributor+) Directory Traversal | nickboss | Iptanus File Upload | Medium | 4.3 | 2024-07-16 08:32:30 | Deep Dive |
| CVE-2023-7062 | Advanced File Manager Shortcodes <= 2.4 - Authenticated (Contributor+) Directory Traversal | Advanced File Manager | Advanced File Manager Shortcodes | High | 8.8 | 2024-07-10 02:02:47 | Deep Dive |
| CVE-2023-7061 | Advanced File Manager Shortcode <= 2.5.3 - Authenticated (Contributor+) Arbitrary File Upload | Advanced File Manager | Advanced File Manager Shortcodes | High | 8.8 | 2024-07-10 02:02:41 | Deep Dive |
| CVE-2024-6309 | Attachment File Icons (AF Icons) <= 1.3 - Cross-Site Request Forgery to Arbitrary File Upload | praveen-rajan | Attachment File Icons (AF Icons) | High | 8.8 | 2024-07-09 07:38:46 | Deep Dive |
| CVE-2024-5598 | Advanced File Manager <= 5.2.4 - Sensitive Information Exposure via Directory Listing | saadiqbal | Advanced File Manager – Ultimate File Manager for WordPress And Document Library Solution | High | 7.5 | 2024-06-29 04:33:29 | Deep Dive |
| CVE-2024-2003 | Local Privilege Escalation in Quarantine of ESET products for Windows | ESET, spol. s r.o. | ESET NOD32 Antivirus | High | 7.3 | 2024-06-21 07:20:04 | Deep Dive |
| CVE-2024-2023 | Folders <= 3.0 and Folders Pro <= 3.0.2 - Directory Traversal via handle_folders_file_upload | premio | Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager | Medium | 4.3 | 2024-06-14 12:50:56 | Deep Dive |
| CVE-2024-35253 | Microsoft Azure File Sync Elevation of Privilege Vulnerability | Microsoft | Azure File Sync | Medium | 4.4 | 2024-06-11 17:00:08 | Deep Dive |
| CVE-2024-5673 | Cross-Site Scripting in PHP File Manager by Dulldusk | Dulldusk | PHP File Manager | Medium | 6.1 | 2024-06-06 10:19:35 | Deep Dive |