VDB
CVE-2023-4862
CVE-2023-4862
PUBLISHED
CVSS 4.800000190734863 MEDIUM
The File Manager Pro WordPress plugin before 1.8.1 does not adequately validate and escape some inputs, leading to XSS by high-privilege users.
EPSS 0.09% · 24.9th percentile
Risk Scores
CVSS 3.1
4.800000190734863
CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
EPSS Score
0.09%
24.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Unknown | File Manager Pro | 0, 0 |
| ninjateam | filester | 0, 0 |
Exploit Intelligence
- CIRCL seen: CVE-2023-4862 (circl-sighting)
- https://wpscan.com/vulnerability/81821bf5-69e1-4005-b3eb-d541490909cc (cve.org)
Timeline
- Oct 16, 2023 CVE Published
- Oct 17, 2023 EPSS Score
- Oct 17, 2023 PoC Published
- Nov 17, 2023 EPSS Score
- Dec 18, 2023 EPSS Score
- Jan 19, 2024 EPSS Score
- Feb 19, 2024 EPSS Score
- Mar 21, 2024 EPSS Score
- Apr 21, 2024 EPSS Score
- May 22, 2024 EPSS Score
- Jun 23, 2024 EPSS Score
- Jul 24, 2024 EPSS Score