{"vulnerability": "CVE-2026-11911", "sightings": [{"uuid": "f44e1760-56a9-4d44-8fba-91a9622ccd81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11911", "type": "seen", "source": "https://bsky.app/profile/postac001.bsky.social/post/3moqb67alv32q", "content": "WordPress\u30d7\u30e9\u30b0\u30a4\u30f3Simple File List\uff086.3.7\u4ee5\u524d\uff09\u3067\u3001\u8a8d\u8a3c\u3055\u308c\u3066\u3044\u306a\u3044\u653b\u6483\u8005\u304c\u4efb\u610f\u306e\u30d5\u30a1\u30a4\u30eb\u3092\u524a\u9664\u3067\u304d\u308b\u8106\u5f31\u6027\u3002wp-config.php\u524a\u9664\u3067\u30ea\u30e2\u30fc\u30c8\u30b3\u30fc\u30c9\u5b9f\u884c\u306e\u53ef\u80fd\u6027\u3002\nCVE-2026-11911 CVSS 7.5 | HIGH", "creation_timestamp": "2026-06-20T16:20:07.909722Z"}, {"uuid": "e8e5d694-d4d3-4951-996a-263f91896b4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11911", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mops2wgxvv2e", "content": "CVE-2026-11911 - Simple File List\nCVE ID : CVE-2026-11911\n \n Published : June 20, 2026, 8:29 a.m. | 3\u00a0hours, 13\u00a0minutes ago\n \n Description : The Simple File List plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the eeSFL...", "creation_timestamp": "2026-06-20T11:49:52.256549Z"}, {"uuid": "9d3d8ba7-72b3-40b5-b2f8-5088b8e1a4e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11911", "type": "seen", "source": "https://bsky.app/profile/offseq.bsky.social/post/3mopnmxu4ut2i", "content": "HIGH severity flaw in eemitch Simple File List \u22646.3.7 enables unauth file deletion via AJAX, risking RCE. Restrict admin-ajax.php or disable the plugin until patch. Details: https://radar.offseq.com/threat/cve-2026-11911-cwe-22-improper-limitation-of-a-pat-c1bb6257a58c2645 #OffSeq #WordPress #Vuln", "creation_timestamp": "2026-06-20T10:30:29.512031Z"}, {"uuid": "ac6a32b9-e495-4446-acea-e593a6067167", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2026-11911", "type": "seen", "source": "https://infosec.exchange/users/offseq/statuses/116781968685290768", "content": "CVE-2026-11911: HIGH severity path traversal in eemitch Simple File List (\u22646.3.7). Unauth attackers can delete files via exposed AJAX action, risking RCE. Restrict admin-ajax.php or disable plugin. Details: https://radar.offseq.com/threat/cve-2026-11911-cwe-22-improper-limitation-of-a-pat-c1bb6257a58c2645 #OffSeq #WordPress #Security", "creation_timestamp": "2026-06-20T10:30:34.153738Z"}, {"uuid": "9edd2ee8-f08b-42ec-97a6-68002310a32d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-11911", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mov2kqoxi627", "content": "CVE-2026-11911 - RCE in Simple File List WordPress plugin. Unauthenticated arbitrary file deletion via insufficient path validation. CVSS 7.5. No patch exists. Update or disable immediately. #CVE #WordPress #infosec\n\nhttps://www.valtersit.com/cve/CVE-2026-11911/", "creation_timestamp": "2026-06-22T14:05:11.867773Z"}]}