- Description
- The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 1.1.4 via the 'default_lang' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute arbitrary JavaScript files on the server, allowing the execution of any JavaScript code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where images and other “safe” file types can be uploaded and included.
- Source
- security@wordfence.com
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 7.2
- Impact score
- 5.9
- Exploitability score
- 1.2
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- security@wordfence.com
- CWE-22
- Hype score
- Not currently trending
CVE-2024-11010 (CVSS:7.2, HIGH) is Awaiting Analysis. The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Local JavaScript File Inclu..https://t.co/A3V4zDUrTT #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
12 Dec 2024
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE Alert: CVE-2024-11010 - https://t.co/jGaxogoyQN #OSINT #ThreatIntel #CyberSecurity #cve_2024_11010
@RedPacketSec
8 Dec 2024
95 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11010 Local File Inclusion in FileOrganizer WordPress Plugin Exploitable by Admins The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is prone to Local File Inclusion vulnerabili... https://t.co/1lFeAgj8sn
@VulmonFeeds
7 Dec 2024
56 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-11010 The FileOrganizer – Manage WordPress and Website Files plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.1.4 via the … https://t.co/T2lh9IAMk1
@CVEnew
7 Dec 2024
418 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes