[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$feMtC49qklFGjMmmiQceA-w8SirIPeTe5mvdPeeuI1kM":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2023-3664","fileorganizer-authenticated-admin-arbitrary-file-access","FileOrganizer \u003C= 1.0.3 - Authenticated (Admin+) Arbitrary File Access","The FileOrganizer plugin for WordPress is vulnerable to unauthorized access of data due to missing controls throughout the plugin's functionality in versions up to, and including, 1.0.3. This makes it possible for authenticated attackers, with administrative-level access, to control files on multi-site installation where this functionality should be restricted to super admin.","fileorganizer",null,"\u003C=1.0.3","1.0.4","low",2.7,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:H\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Missing Authorization","2023-09-03 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F11c9124d-80e0-435d-9eb4-901c4f481a6f?source=api-prod",142]