FileOrganizer <= 1.0.2 - Admin+ Arbitrary File Access
CVE-2023-3664
7.2HIGH
What is CVE-2023-3664?
The FileOrganizer plugin for WordPress, specifically versions up to 1.0.2, is affected by a significant security vulnerability that allows site administrators on multisite installations to exploit the lack of access restrictions. This flaw could enable unauthorized individuals to gain extensive control over the server, raising concerns about data integrity and confidentiality. Administrators should investigate and apply the necessary updates to mitigate potential risks.
Affected Version(s)
FileOrganizer 0 <= 1.0.2