cleantalk
Vulnerabilities and Security Researches

iFolders – Ultimate WordPress Media Library Folder Manager, CVE-2023-41949

CVE, Research URL

CVE-2023-41949

Home page URL

Security reports for iFolders – Ultimate WordPress Media Library Folder Manager

Application

iFolders – Ultimate WordPress Media Library Folder Manager

Published on
Sep 25, 2023
Research Description
Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Avirtum iFolders plugin <= 1.5.0 versions.
Affected versions
Min -, max 1.5.1.
Status
vulnerable
Previous vulnerability researches
iFolders &#8211; Ultimate WordPress Media Library Folder Manager (CVE-2023-41949) , Jun 07, 2024
iFolders &#8211; Ultimate WordPress Media Library Folder Manager (c6208089ed8f158e9c806d56b83d542b2566df2c) , Jun 07, 2024
New vulnerability
Contact Form 7 reCAPTCHA (CVE-2025-23972) , Jul 08, 2025
Easy Stripe (CVE-2025-49302) , Jul 08, 2025
Gallery Widget (CVE-2025-28969) , Jul 08, 2025
Contact Us Page &#8211; Contact People (CVE-2025-28967) , Jul 07, 2025
WP fancybox (CVE-2025-26591) , Jul 07, 2025