Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
10 vulnerabilities found for Simple File List by eemitch
CVE-2026-12119 (GCVE-0-2026-12119)
Vulnerability from nvd – Published: 2026-06-20 08:29 – Updated: 2026-06-22 17:47
VLAI
Title
Simple File List <= 6.3.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Operations (Deletion / Move / Folder Creation / Download) via 'frontmanage' Shortcode Attribute
Summary
The Simple File List plugin for WordPress is vulnerable to unauthorized file operations due to a missing authorization check on the 'frontmanage' shortcode attribute in all versions up to, and including, 6.3.7. This makes it possible for authenticated attackers, with contributor-level access and above, to perform arbitrary file operations including deletion, move, folder creation, and download. An attacker can create a draft post containing the 'eeSFL' shortcode, render it via the post preview endpoint to harvest the nonce needed to authorize the operations, and then submit file operation requests that bypass the intended authorization checks in includes/ee-list-ops-bar-process.php.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
6 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| eemitch | Simple File List |
Affected:
0 , ≤ 6.3.7
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12119",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T17:46:51.269668Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T17:47:00.846Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Simple File List",
"vendor": "eemitch",
"versions": [
{
"lessThanOrEqual": "6.3.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Chloe Chamberland"
},
{
"lang": "en",
"type": "finder",
"value": "PRISM"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Simple File List plugin for WordPress is vulnerable to unauthorized file operations due to a missing authorization check on the \u0027frontmanage\u0027 shortcode attribute in all versions up to, and including, 6.3.7. This makes it possible for authenticated attackers, with contributor-level access and above, to perform arbitrary file operations including deletion, move, folder creation, and download. An attacker can create a draft post containing the \u0027eeSFL\u0027 shortcode, render it via the post preview endpoint to harvest the nonce needed to authorize the operations, and then submit file operation requests that bypass the intended authorization checks in includes/ee-list-ops-bar-process.php."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-20T08:29:49.055Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f1ed51a3-c049-4816-ada1-49f7edcb9a6f?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-front-end.php#L140"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-list-ops-bar-process.php#L50"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-list-ops-bar-display.php#L25"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-list-display.php#L341"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3579098%40simple-file-list\u0026new=3579098%40simple-file-list\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-15T14:38:49.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-06-19T20:27:15.000Z",
"value": "Disclosed"
}
],
"title": "Simple File List \u003c= 6.3.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Operations (Deletion / Move / Folder Creation / Download) via \u0027frontmanage\u0027 Shortcode Attribute"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-12119",
"datePublished": "2026-06-20T08:29:49.055Z",
"dateReserved": "2026-06-12T15:00:06.461Z",
"dateUpdated": "2026-06-22T17:47:00.846Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-11912 (GCVE-0-2026-11912)
Vulnerability from nvd – Published: 2026-06-20 08:29 – Updated: 2026-06-22 12:46
VLAI
Title
Simple File List <= 6.3.7 - Missing Authorization to Unauthenticated File Modification via simplefilelist_edit_job AJAX Action
Summary
The Simple File List plugin for WordPress is vulnerable to arbitrary file modification due to insufficient authorization checks in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete and modify files on the serve. This vulnerability is exploitable even when the administrator has not enabled the AllowFrontManage setting, because the is_admin() check unconditionally short-circuits the guard before that setting is evaluated.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
7 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| eemitch | Simple File List |
Affected:
0 , ≤ 6.3.7
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-11912",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T12:45:45.838239Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T12:46:00.236Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Simple File List",
"vendor": "eemitch",
"versions": [
{
"lessThanOrEqual": "6.3.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Chloe Chamberland"
},
{
"lang": "en",
"type": "finder",
"value": "PRISM"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Simple File List plugin for WordPress is vulnerable to arbitrary file modification due to insufficient authorization checks in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete and modify files on the serve. This vulnerability is exploitable even when the administrator has not enabled the AllowFrontManage setting, because the is_admin() check unconditionally short-circuits the guard before that setting is evaluated."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-20T08:29:48.184Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/509a40d2-a33a-49ba-b858-fa8805127a1b?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-functions.php#L1265"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-functions.php#L1586"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/simple-file-list.php#L262"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-list-display.php#L473"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-functions.php#L880"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3579098%40simple-file-list\u0026new=3579098%40simple-file-list\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-15T14:38:49.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-06-19T20:27:11.000Z",
"value": "Disclosed"
}
],
"title": "Simple File List \u003c= 6.3.7 - Missing Authorization to Unauthenticated File Modification via simplefilelist_edit_job AJAX Action"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-11912",
"datePublished": "2026-06-20T08:29:48.184Z",
"dateReserved": "2026-06-10T16:38:42.826Z",
"dateUpdated": "2026-06-22T12:46:00.236Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-11911 (GCVE-0-2026-11911)
Vulnerability from nvd – Published: 2026-06-20 08:29 – Updated: 2026-06-22 18:13
VLAI
Title
Simple File List <= 6.3.7 - Unauthenticated Arbitrary File Deletion via Path Traversal in 'eeSubFolder' Parameter
Summary
The Simple File List plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the eeSFL_DeleteFile function in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). The simplefilelist_edit_job AJAX action is registered via wp_ajax_nopriv_, making it accessible without authentication, and the is_admin() guard that would otherwise restrict access is bypassed because is_admin() always returns true for requests to the admin-ajax.php endpoint.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
6 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| eemitch | Simple File List |
Affected:
0 , ≤ 6.3.7
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-11911",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T17:51:12.207576Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T18:13:12.608Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Simple File List",
"vendor": "eemitch",
"versions": [
{
"lessThanOrEqual": "6.3.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Chloe Chamberland"
},
{
"lang": "en",
"type": "finder",
"value": "PRISM"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Simple File List plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the eeSFL_DeleteFile function in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). The simplefilelist_edit_job AJAX action is registered via wp_ajax_nopriv_, making it accessible without authentication, and the is_admin() guard that would otherwise restrict access is bypassed because is_admin() always returns true for requests to the admin-ajax.php endpoint."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-20T08:29:48.704Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/748c4ca8-fcbf-43e5-ab70-721e83253663?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-functions.php#L894"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-functions.php#L1281"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/simple-file-list.php#L262"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-list-display.php#L473"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3579098%40simple-file-list\u0026new=3579098%40simple-file-list\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-15T14:38:49.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-06-19T20:27:13.000Z",
"value": "Disclosed"
}
],
"title": "Simple File List \u003c= 6.3.7 - Unauthenticated Arbitrary File Deletion via Path Traversal in \u0027eeSubFolder\u0027 Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-11911",
"datePublished": "2026-06-20T08:29:48.704Z",
"dateReserved": "2026-06-10T16:35:08.986Z",
"dateUpdated": "2026-06-22T18:13:12.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-36847 (GCVE-0-2020-36847)
Vulnerability from nvd – Published: 2025-07-12 09:24 – Updated: 2026-04-08 17:11
VLAI
Title
Simple File List < 4.2.3 - Remote Code Execution
Summary
The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function which can be used to rename uploaded PHP code with a png extension to use a php extension. This allows unauthenticated attackers to execute code on the server.
Severity
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| eemitch | Simple File List |
Affected:
0 , < 4.2.3
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-36847",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-14T14:39:22.829799Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-14T20:11:54.211Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://wpscan.com/vulnerability/365da9c5-a8d0-45f6-863c-1b1926ffd574/"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Simple File List",
"vendor": "eemitch",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "coiffeur"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function which can be used to rename uploaded PHP code with a png extension to use a php extension. This allows unauthenticated attackers to execute code on the server."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:11:48.634Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9eb835fd-6ebf-4162-856c-0366b663a07e?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2286920/simple-file-list"
},
{
"url": "https://packetstormsecurity.com/files/160221/"
},
{
"url": "https://www.cybersecurity-help.cz/vdb/SB2020042711"
},
{
"url": "https://wpscan.com/vulnerability/365da9c5-a8d0-45f6-863c-1b1926ffd574/"
}
],
"timeline": [
{
"lang": "en",
"time": "2020-11-02T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Simple File List \u003c 4.2.3 - Remote Code Execution"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2020-36847",
"datePublished": "2025-07-12T09:24:28.215Z",
"dateReserved": "2025-07-11T21:23:42.099Z",
"dateUpdated": "2026-04-08T17:11:48.634Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-1119 (GCVE-0-2022-1119)
Vulnerability from nvd – Published: 2022-04-19 20:26 – Updated: 2026-04-08 17:35
VLAI
Title
Simple File List <= 3.2.7 - Arbitrary File Download
Summary
The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the eeFile parameter found in the ~/includes/ee-downloader.php file due to missing controls which makes it possible unauthenticated attackers to supply a path to a file that will subsequently be downloaded, in versions up to and including 3.2.7.
Severity
7.5 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| eemitch | Simple File List |
Affected:
0 , ≤ 3.2.7
(semver)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:23.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ff21241d-e488-4460-b8c2-d5a070c8c107?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/trunk/includes/ee-downloader.php?rev=2071880"
},
{
"tags": [
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/075a3cc5-1970-4b64-a16f-3ec97e22b606"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.google.com/document/d/1qIZXTzEpI4tO6832vk1KfsSAroT0FY2l--THlhJ8z3c/edit"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Simple File List",
"vendor": "eemitch",
"versions": [
{
"lessThanOrEqual": "3.2.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bernardo Rodrigues"
},
{
"lang": "en",
"type": "finder",
"value": "Admavidhya N"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the\u00a0eeFile parameter found\u00a0in the ~/includes/ee-downloader.php file due to missing controls which makes it possible unauthenticated attackers to supply a path to a file that will subsequently be downloaded, in versions up to and including 3.2.7."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:35:16.664Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ff21241d-e488-4460-b8c2-d5a070c8c107?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/trunk/includes/ee-downloader.php?rev=2071880"
},
{
"url": "https://wpscan.com/vulnerability/075a3cc5-1970-4b64-a16f-3ec97e22b606"
},
{
"url": "https://docs.google.com/document/d/1qIZXTzEpI4tO6832vk1KfsSAroT0FY2l--THlhJ8z3c/edit"
}
],
"timeline": [
{
"lang": "en",
"time": "2019-05-23T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Simple File List \u003c= 3.2.7 - Arbitrary File Download"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2022-1119",
"datePublished": "2022-04-19T20:26:35.000Z",
"dateReserved": "2022-03-28T00:00:00.000Z",
"dateUpdated": "2026-04-08T17:35:16.664Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-12119 (GCVE-0-2026-12119)
Vulnerability from cvelistv5 – Published: 2026-06-20 08:29 – Updated: 2026-06-22 17:47
VLAI
Title
Simple File List <= 6.3.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Operations (Deletion / Move / Folder Creation / Download) via 'frontmanage' Shortcode Attribute
Summary
The Simple File List plugin for WordPress is vulnerable to unauthorized file operations due to a missing authorization check on the 'frontmanage' shortcode attribute in all versions up to, and including, 6.3.7. This makes it possible for authenticated attackers, with contributor-level access and above, to perform arbitrary file operations including deletion, move, folder creation, and download. An attacker can create a draft post containing the 'eeSFL' shortcode, render it via the post preview endpoint to harvest the nonce needed to authorize the operations, and then submit file operation requests that bypass the intended authorization checks in includes/ee-list-ops-bar-process.php.
Severity
6.5 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
6 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| eemitch | Simple File List |
Affected:
0 , ≤ 6.3.7
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-12119",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T17:46:51.269668Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T17:47:00.846Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Simple File List",
"vendor": "eemitch",
"versions": [
{
"lessThanOrEqual": "6.3.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Chloe Chamberland"
},
{
"lang": "en",
"type": "finder",
"value": "PRISM"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Simple File List plugin for WordPress is vulnerable to unauthorized file operations due to a missing authorization check on the \u0027frontmanage\u0027 shortcode attribute in all versions up to, and including, 6.3.7. This makes it possible for authenticated attackers, with contributor-level access and above, to perform arbitrary file operations including deletion, move, folder creation, and download. An attacker can create a draft post containing the \u0027eeSFL\u0027 shortcode, render it via the post preview endpoint to harvest the nonce needed to authorize the operations, and then submit file operation requests that bypass the intended authorization checks in includes/ee-list-ops-bar-process.php."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-20T08:29:49.055Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f1ed51a3-c049-4816-ada1-49f7edcb9a6f?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-front-end.php#L140"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-list-ops-bar-process.php#L50"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-list-ops-bar-display.php#L25"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-list-display.php#L341"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3579098%40simple-file-list\u0026new=3579098%40simple-file-list\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-15T14:38:49.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-06-19T20:27:15.000Z",
"value": "Disclosed"
}
],
"title": "Simple File List \u003c= 6.3.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary File Operations (Deletion / Move / Folder Creation / Download) via \u0027frontmanage\u0027 Shortcode Attribute"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-12119",
"datePublished": "2026-06-20T08:29:49.055Z",
"dateReserved": "2026-06-12T15:00:06.461Z",
"dateUpdated": "2026-06-22T17:47:00.846Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-11911 (GCVE-0-2026-11911)
Vulnerability from cvelistv5 – Published: 2026-06-20 08:29 – Updated: 2026-06-22 18:13
VLAI
Title
Simple File List <= 6.3.7 - Unauthenticated Arbitrary File Deletion via Path Traversal in 'eeSubFolder' Parameter
Summary
The Simple File List plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the eeSFL_DeleteFile function in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). The simplefilelist_edit_job AJAX action is registered via wp_ajax_nopriv_, making it accessible without authentication, and the is_admin() guard that would otherwise restrict access is bypassed because is_admin() always returns true for requests to the admin-ajax.php endpoint.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
6 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| eemitch | Simple File List |
Affected:
0 , ≤ 6.3.7
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-11911",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T17:51:12.207576Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T18:13:12.608Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Simple File List",
"vendor": "eemitch",
"versions": [
{
"lessThanOrEqual": "6.3.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Chloe Chamberland"
},
{
"lang": "en",
"type": "finder",
"value": "PRISM"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Simple File List plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the eeSFL_DeleteFile function in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). The simplefilelist_edit_job AJAX action is registered via wp_ajax_nopriv_, making it accessible without authentication, and the is_admin() guard that would otherwise restrict access is bypassed because is_admin() always returns true for requests to the admin-ajax.php endpoint."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-20T08:29:48.704Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/748c4ca8-fcbf-43e5-ab70-721e83253663?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-functions.php#L894"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-functions.php#L1281"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/simple-file-list.php#L262"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-list-display.php#L473"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3579098%40simple-file-list\u0026new=3579098%40simple-file-list\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-15T14:38:49.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-06-19T20:27:13.000Z",
"value": "Disclosed"
}
],
"title": "Simple File List \u003c= 6.3.7 - Unauthenticated Arbitrary File Deletion via Path Traversal in \u0027eeSubFolder\u0027 Parameter"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-11911",
"datePublished": "2026-06-20T08:29:48.704Z",
"dateReserved": "2026-06-10T16:35:08.986Z",
"dateUpdated": "2026-06-22T18:13:12.608Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-11912 (GCVE-0-2026-11912)
Vulnerability from cvelistv5 – Published: 2026-06-20 08:29 – Updated: 2026-06-22 12:46
VLAI
Title
Simple File List <= 6.3.7 - Missing Authorization to Unauthenticated File Modification via simplefilelist_edit_job AJAX Action
Summary
The Simple File List plugin for WordPress is vulnerable to arbitrary file modification due to insufficient authorization checks in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete and modify files on the serve. This vulnerability is exploitable even when the administrator has not enabled the AllowFrontManage setting, because the is_admin() check unconditionally short-circuits the guard before that setting is evaluated.
Severity
7.5 (High)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-862 - Missing Authorization
Assigner
References
7 references
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| eemitch | Simple File List |
Affected:
0 , ≤ 6.3.7
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-11912",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-06-22T12:45:45.838239Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-06-22T12:46:00.236Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Simple File List",
"vendor": "eemitch",
"versions": [
{
"lessThanOrEqual": "6.3.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Chloe Chamberland"
},
{
"lang": "en",
"type": "finder",
"value": "PRISM"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Simple File List plugin for WordPress is vulnerable to arbitrary file modification due to insufficient authorization checks in all versions up to, and including, 6.3.7. This makes it possible for unauthenticated attackers to delete and modify files on the serve. This vulnerability is exploitable even when the administrator has not enabled the AllowFrontManage setting, because the is_admin() check unconditionally short-circuits the guard before that setting is evaluated."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-20T08:29:48.184Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/509a40d2-a33a-49ba-b858-fa8805127a1b?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-functions.php#L1265"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-functions.php#L1586"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/simple-file-list.php#L262"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-list-display.php#L473"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/tags/6.3.6/includes/ee-functions.php#L880"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3579098%40simple-file-list\u0026new=3579098%40simple-file-list\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2026-06-15T14:38:49.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-06-19T20:27:11.000Z",
"value": "Disclosed"
}
],
"title": "Simple File List \u003c= 6.3.7 - Missing Authorization to Unauthenticated File Modification via simplefilelist_edit_job AJAX Action"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2026-11912",
"datePublished": "2026-06-20T08:29:48.184Z",
"dateReserved": "2026-06-10T16:38:42.826Z",
"dateUpdated": "2026-06-22T12:46:00.236Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-36847 (GCVE-0-2020-36847)
Vulnerability from cvelistv5 – Published: 2025-07-12 09:24 – Updated: 2026-04-08 17:11
VLAI
Title
Simple File List < 4.2.3 - Remote Code Execution
Summary
The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function which can be used to rename uploaded PHP code with a png extension to use a php extension. This allows unauthenticated attackers to execute code on the server.
Severity
9.8 (Critical)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| eemitch | Simple File List |
Affected:
0 , < 4.2.3
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-36847",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-14T14:39:22.829799Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-14T20:11:54.211Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"exploit"
],
"url": "https://wpscan.com/vulnerability/365da9c5-a8d0-45f6-863c-1b1926ffd574/"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Simple File List",
"vendor": "eemitch",
"versions": [
{
"lessThan": "4.2.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "coiffeur"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Simple-File-List Plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.2.2 via the rename function which can be used to rename uploaded PHP code with a png extension to use a php extension. This allows unauthenticated attackers to execute code on the server."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:11:48.634Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/9eb835fd-6ebf-4162-856c-0366b663a07e?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset/2286920/simple-file-list"
},
{
"url": "https://packetstormsecurity.com/files/160221/"
},
{
"url": "https://www.cybersecurity-help.cz/vdb/SB2020042711"
},
{
"url": "https://wpscan.com/vulnerability/365da9c5-a8d0-45f6-863c-1b1926ffd574/"
}
],
"timeline": [
{
"lang": "en",
"time": "2020-11-02T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Simple File List \u003c 4.2.3 - Remote Code Execution"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2020-36847",
"datePublished": "2025-07-12T09:24:28.215Z",
"dateReserved": "2025-07-11T21:23:42.099Z",
"dateUpdated": "2026-04-08T17:11:48.634Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2022-1119 (GCVE-0-2022-1119)
Vulnerability from cvelistv5 – Published: 2022-04-19 20:26 – Updated: 2026-04-08 17:35
VLAI
Title
Simple File List <= 3.2.7 - Arbitrary File Download
Summary
The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the eeFile parameter found in the ~/includes/ee-downloader.php file due to missing controls which makes it possible unauthenticated attackers to supply a path to a file that will subsequently be downloaded, in versions up to and including 3.2.7.
Severity
7.5 (High)
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| eemitch | Simple File List |
Affected:
0 , ≤ 3.2.7
(semver)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:23.871Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ff21241d-e488-4460-b8c2-d5a070c8c107?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/trunk/includes/ee-downloader.php?rev=2071880"
},
{
"tags": [
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/075a3cc5-1970-4b64-a16f-3ec97e22b606"
},
{
"tags": [
"x_transferred"
],
"url": "https://docs.google.com/document/d/1qIZXTzEpI4tO6832vk1KfsSAroT0FY2l--THlhJ8z3c/edit"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Simple File List",
"vendor": "eemitch",
"versions": [
{
"lessThanOrEqual": "3.2.7",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Bernardo Rodrigues"
},
{
"lang": "en",
"type": "finder",
"value": "Admavidhya N"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Simple File List WordPress plugin is vulnerable to Arbitrary File Download via the\u00a0eeFile parameter found\u00a0in the ~/includes/ee-downloader.php file due to missing controls which makes it possible unauthenticated attackers to supply a path to a file that will subsequently be downloaded, in versions up to and including 3.2.7."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:35:16.664Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/ff21241d-e488-4460-b8c2-d5a070c8c107?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/simple-file-list/trunk/includes/ee-downloader.php?rev=2071880"
},
{
"url": "https://wpscan.com/vulnerability/075a3cc5-1970-4b64-a16f-3ec97e22b606"
},
{
"url": "https://docs.google.com/document/d/1qIZXTzEpI4tO6832vk1KfsSAroT0FY2l--THlhJ8z3c/edit"
}
],
"timeline": [
{
"lang": "en",
"time": "2019-05-23T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "Simple File List \u003c= 3.2.7 - Arbitrary File Download"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2022-1119",
"datePublished": "2022-04-19T20:26:35.000Z",
"dateReserved": "2022-03-28T00:00:00.000Z",
"dateUpdated": "2026-04-08T17:35:16.664Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}