The FileOrganizer – Manage WordPress and Website Files...
High severity
Unreviewed
Published
Jun 7, 2024
to the GitHub Advisory Database
•
Updated Jun 7, 2024
Description
Published by the National Vulnerability Database
Jun 7, 2024
Published to the GitHub Advisory Database
Jun 7, 2024
Last updated
Jun 7, 2024
The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.0.7 via the 'fileorganizer_ajax_handler' function. This makes it possible for unauthenticated attackers to extract sensitive data including backups or other sensitive information if the files have been moved to the built-in Trash folder.
References