18 Sep

Vulnerability Details: CSRF/XSS Vulnerability in File Manager (WP File Manager)

This Vulnerability Details post about a vulnerability in the plugin File Manager provides the details of a vulnerability we didn’t discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available and give you an idea of what information is provided in [Read more]

05 Sep

Reflected Cross-Site Scripting (XSS) Vulnerability in File Manager

One of the problems we have found with the WordPress Support Forum is that there is  unproductive and inconsistent deletion of claims about the security of plugins. In an instance from just a couple of days ago a thread was deleted which mentioned an unfixed vulnerability in the plugin File Manager, deleting that doesn’t make [Read more]

14 Jun

Vulnerability Details: Authenticated File Manager Access Vulnerability in File Manager

This Vulnerability Details post about a vulnerability in the plugin File Manager provides the details of a vulnerability we didn’t discover and access to it is limited to customers of our service, unlike the posts on vulnerabilities we have discovered, which are freely available and give you an idea of what information is provided in [Read more]