Wicked Folders
wickedplugins
Developer
4.1.1
Latest version
20,000
Installations
No date
Last updated
Vulnerability history
0 present
20 patched
10 Mitigation rules
- Insecure Direct Object Reference to Authenticated (Contributor+) Arbitrary Folder Deletion vulnerability<= 4.1.016/03/2026
- Missing Authorization via ajax_save_state vulnerability<= 2.18.1608/02/2023
- Missing Authorization on ajax_clone_folder vulnerability<= 2.18.1608/02/2023
- Cross-Site Request Forgery via ajax_save_sort_order vulnerability<= 2.18.1608/02/2023
- Missing Authorization on ajax_save_folder_order vulnerability<= 2.18.1608/02/2023
- Cross-Site Request Forgery via ajax_clone_folder vulnerability<= 2.18.1608/02/2023
- Cross-Site Request Forgery via ajax_edit_folder vulnerability<= 2.18.1608/02/2023
- Missing Authorization on ajax_edit_folder vulnerability<= 2.18.1608/02/2023
- Missing Authorization via ajax_delete_folder vulnerability<= 2.18.1608/02/2023
- Cross-Site Request Forgery via ajax_save_state vulnerability<= 2.18.1608/02/2023
- Cross-Site Request Forgery via ajax_add_folder vulnerability<= 2.18.1608/02/2023
- Missing Authorization on ajax_save_folder vulnerability<= 2.18.1608/02/2023
- Cross-Site Request Forgery on ajax_move_object vulnerability<= 2.18.1608/02/2023
- Missing Authorization on ajax_save_sort_order vulnerability<= 2.18.1608/02/2023
- Cross-Site Request Forgery via ajax_delete_folder vulnerability<= 2.18.1608/02/2023
- Cross-Site Request Forgery via ajax_save_folder_order vulnerability<= 2.18.1608/02/2023
- Missing Authorization on ajax_move_object vulnerability<= 2.18.1608/02/2023
- Cross-Site Request Forgery on ajax_save_folder vulnerability<= 2.18.1608/02/2023
- Missing Authorization on ajax_add_folder vulnerability<= 2.18.1608/02/2023
- SQL Injection (SQLi) vulnerability<= 2.18.903/01/2022