Vulnerabilities and security researches forwebsite-file-changes-monitor website-file-changes-monitor

Jun 07, 2024

CVE, Research URL: CVE-2022-2269
Home page URL: Security reports for Melapress File Monitor
Application: Melapress File Monitor
Date: Aug 08, 2022
Research Description: The Website File Changes Monitor WordPress plugin before 1.8.3 does not sanitise and escape user input before using it in a SQL statement via an action available to users with the manage_options capability (by default admins), leading to an SQL injection
Affected versions: Min -, max -.
Status: vulnerable

May 17, 2025

CVE, Research URL: CVE-2024-10009
Home page URL: Security reports for Melapress File Monitor
Application: Melapress File Monitor
Date: May 16, 2025
Research Description: The Melapress File Monitor WordPress plugin before 2.1.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks
Affected versions: Min -, max -.
Status: vulnerable

May 19, 2025

CVE, Research URL: CVE-2024-9879
Home page URL: Security reports for Melapress File Monitor
Application: Melapress File Monitor
Date: May 16, 2025
Research Description: The Melapress File Monitor WordPress plugin before 2.1.1 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks
Affected versions: Min -, max -.
Status: vulnerable

Jul 09, 2025

CVE, Research URL: CVE-2025-3702
Home page URL: Security reports for Melapress File Monitor
Application: Melapress File Monitor
Date: Jul 03, 2025
Research Description: Missing Authorization vulnerability in Melapress Melapress File Monitor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Melapress File Monitor: from n/a before 2.2.0.
Affected versions: Min -, max -.
Status: vulnerable