[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fy426ZrQhXfIJxSv5P27KKzLLe1hdqgrSnfYJyeZUZcw":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"WF-077b3483-ab1c-401d-aa67-c4da5fca90b4-wp-file-manager","file-manager-missing-authorization-on-ajax-actions","File Manager \u003C= 4.8 - Missing Authorization on AJAX Actions","The File Manager plugin for WordPress is vulnerable to authorization bypass due to missing capability checks on various functions hooked via AJAX actions in versions up to, and including, 4.8. This makes it possible for authenticated attackers with subscriber-level permissions and above to delete back-ups and view sensitive information about back-ups.","wp-file-manager",null,"\u003C=4.8","4.9","medium",6.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:L\u002FUI:N\u002FS:U\u002FC:L\u002FI:L\u002FA:L","Missing Authorization","2019-08-07 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F077b3483-ab1c-401d-aa67-c4da5fca90b4?source=api-prod",1630]