ninjateam
Web & CMS Pluginscommercial
Top products
Latest CVEs
The 15 most recently published vulnerabilities affecting ninjateam.
- CVE-2026-1104FastDup – Fastest WordPress Migration & Duplicator <= 2.7.1 - Missing Authorization to Authenticated (Contributor+) Backup Creation and Download8.8
- CVE-2025-14001WP Duplicate Page <= 1.8 - Missing Authorization to Authenticated (Contributor+) Arbitrary Post Duplication5.4
- CVE-2026-0604FastDup <= 2.7 - Authenticated (Contributor+) Path Traversal via 'dir_path' REST Parameter6.5
- CVE-2025-66134WordPress FileBird Pro plugin <= 6.5.1 - Broken Access Control vulnerability5.4
- CVE-2025-12900FileBird – WordPress Media Library Folders & File Manager <= 6.5.1 - Missing Authorization to Authenticated (Author+) Global Folders Tampering4.3
- CVE-2025-12481WP Duplicate Page <= 1.7 - Missing Authorization to Authenticated (Contributor+) Sensitive Information Disclosure4.3
- CVE-2025-11510FileBird <= 6.4.9 - Improper Authorization to Authenticated (Author+) Settings Reset4.3
- CVE-2025-0818Multiple elFinder Plugins <= (Various Versions) - Directory Traversal to Arbitrary File Deletion6.5
- CVE-2025-6986FileBird – WordPress Media Library Folders & File Manager <= 6.4.8 - Authenticated (Author+) SQL Injection6.5
- CVE-2025-3234File Manager Pro – Filester <= 1.8.8 - Authenticated (Administrator+) Arbitrary File Upload7.2
- CVE-2025-5236NinjaTeam Chat for Telegram <= 1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via username Parameter6.4
- CVE-2025-1672Notibar <= 2.1.5 - Authenticated (Administrator+) Stored Cross-Site Scripting5.5
- CVE-2025-26977WordPress FileBird plugin <= 6.4.2.1 - Insecure Direct Object References (IDOR) vulnerability3.8
- CVE-2025-24591WordPress GDPR CCPA Compliance & Cookie Consent Banner plugin <= 2.7.1 - Broken Access Control vulnerability4.3
- CVE-2024-11885NinjaTeam Chat for Telegram <= 1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting6.4