Find out about vulnerable plugins in your websites for free.
Page Creation via Cross-Site Request Forgery (CSRF) vulnerability was discovered by Raad Haddad (Cloudyrion GmbH) in the WordPress Simple File List plugin (versions <= 4.4.12).
Update the WordPress Simple File List plugin to the latest available version (at least 4.4.13).
Authenticated Stored CrossSite Scripting (XSS) vulnerability
Arbitrary File Download vulnerability
Authenticated Arbitrary File Deletion vulnerability
Unauthenticated Arbitrary File Upload vulnerability leading to Remote Code Execution (RCE)
Unauthenticated Arbitrary File Download vulnerability