Description
WordPress Plugin Simple File List is prone to a vulnerability that lets attackers delete arbitrary files because the application fails to properly verify user-supplied input. An attacker can exploit this vulnerability to delete arbitrary files in the context of the webserver process. WordPress Plugin Simple File List version 4.2.7 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 4.2.8 or latest
References
https://ctulhu.me/2020/05/16/cve-2020-12832/
https://plugins.svn.wordpress.org/simple-file-list/trunk/readme.txt
Related Vulnerabilities
WordPress Plugin Visualizer:Tables and Charts Manager for WordPress Multiple Vulnerabilities (3.3.0)
GlassFish CVE-2010-2397 Vulnerability (CVE-2010-2397)
WordPress Plugin amr shortcode any widget Cross-Site Scripting (4.0)
SharePoint CVE-2023-36894 Vulnerability (CVE-2023-36894)
Oracle Database Server CVE-2019-2939 Vulnerability (CVE-2019-2939)