Ninjateam Filebird
8 CVEs affecting Ninjateam Filebird. Latest disclosed: 2025-02-25. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-24385 | Critical | 9.8 | 2021-07-12 | The Filebird Plugin 4.7.3 introduced a SQL injection vulnerability as it is making SQL queries without escaping user input data from a HTTP post request. This… |
CVE-2024-2345 | Medium | 6.4 | 2024-05-02 | The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the folder name parameter i… |
CVE-2023-25966 | Medium | 5.5 | 2024-12-09 | Missing Authorization vulnerability in Ninja Team Filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird… |
CVE-2024-0691 | Medium | 5.5 | 2024-02-05 | The FileBird plugin for WordPress is vulnerable to Stored Cross-Site Scripting via imported folder titles in all versions up to, and including, 5.5.8.1 due to… |
CVE-2024-2346 | Medium | 5.4 | 2024-05-02 | The FileBird – WordPress Media Library Folders & File Manager plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and… |
CVE-2024-35166 | Medium | 5.3 | 2024-05-14 | Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ninja Team Filebird.This issue affects Filebird: from n/a through 5.6.3. |
CVE-2024-53825 | Medium | 4.7 | 2024-12-06 | Missing Authorization vulnerability in Ninja Team Filebird filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects… |
CVE-2025-26977 | Low | 3.8 | 2025-02-25 | Authorization Bypass Through User-Controlled Key vulnerability in Ninja Team Filebird filebird allows Exploiting Incorrectly Configured Access Control Security… |