File Provider

2 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-4580 MEDIUM POC This Month

The File Provider WordPress plugin through 1.2.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack

WordPress CSRF File Provider PHP
NVD WPScan
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-4578 CRITICAL POC Act Now

SQL injection in File Provider WordPress plugin through 1.2.3. PoC available.

WordPress SQLi PHP File Provider
NVD WPScan
CVSS 3.1
9.8
EPSS
0.3%
CVE-2025-4580
EPSS 0% CVSS 4.3
MEDIUM POC This Month

The File Provider WordPress plugin through 1.2.3 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack

WordPress CSRF File Provider +1
NVD WPScan
CVE-2025-4578
EPSS 0% CVSS 9.8
CRITICAL POC Act Now

SQL injection in File Provider WordPress plugin through 1.2.3. PoC available.

WordPress SQLi PHP +1
NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy