[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":17,"vulnerability-28802":24},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},["Island",18],{"key":19,"params":20,"result":22},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":21},"{\"text-color\":\"gray\"}",{"head":23},{},{"id":25,"detectable_with":26,"vuln_details":33,"vuln_id":50,"name":51,"published":52,"updated":34},28802,{"tool":27,"engine":30},{"id":28,"name":29},1,"Network Scanner",{"id":31,"name":32},2,"Nuclei",{"id":25,"codename":34,"description":34,"severity":35,"risk_description":34,"public_description":36,"public_recommendation":37,"recommendation":34,"references":38,"cvssv3":43,"epss_score":44,"epss_percentile":45,"cve":46,"in_cisa_catalog":48,"date":49,"software_type":34,"vendor":34,"product":34,"ptt_exploit_capabilities":34},null,"medium","WordPress File Manager plugin before 3.0 is vulnerable to authenticated reflected cross-site scripting (XSS) via the lang parameter in the admin dashboard. The parameter is directly echoed into a JavaScript context without proper sanitization.","We recommend you to upgrade the affected software to the latest version, which mitigates this vulnerability.",[39,40,41,42],"https://nvd.nist.gov/vuln/detail/CVE-2018-16363","https://wpscan.com/vulnerability/65e4849b-6517-400d-884f-65234f58ab0c/","https://plugins.trac.wordpress.org/changeset/1936043","https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16363",5.4,0.01614,0.81741,[47],"CVE-2018-16363",false,"2018-09-07T00:00:00Z","NETSCAN-NUCLEI-CVE-CVE-2018-16363","WordPress File Manager \u003C 3.0 - Cross-Site Scripting","2026-02-10T00:00:00Z"]