Medium 6.5
2026-02-20< 6.1.16
CVE-2026-24953
Simple File List
Minimum safe version
6.1.16
Update to 6.1.16 or later to address 22 fixable vulnerabilities
Latest available6.1.18 ✓⚠ 1 vulnerability has no fix
Medium 5.4 Unfixed
2025-12-25≤ 6.1.18
Simple File List <= 6.1.16 - Missing Authorization
High 7.5
2025-08-20< 6.1.15
CVE-2025-54021
Critical 9.8
2025-07-12< 4.2.3
CVE-2020-36847
Critical 10.0
2025-07-09< 4.2.3
CVE-2025-34085
Medium 5.3
2025-05-07< 6.1.14
CVE-2025-47450
Medium 5.4
2024-11-14< 6.1.13
CVE-2024-10146
Medium 5.9
2023-10-24< 6.1.10
CVE-2023-39924
High 7.5
2024-04-17< 6.1.10
CVE-2023-44227
N/A
< 3.2.8
Simple File List Plugin <= 3.2.4 - Unauthenticated Arbitrary File Download
N/A
< 3.2.5
Simple File List Plugin <= 3.2.4 - Authenticated Arbitrary File Delete
N/A
< 4.2.3
Simple File List < 4.2.3 - Unauthenticated Arbitrary File Upload RCE
Medium 4.8
2023-03-27< 6.0.10
CVE-2023-1025
N/A
2019-05-23< 3.2.5
Simple File List <= 3.2.4 - Arbitrary File Deletion
N/A
2020-11-02< 4.2.3
Simple File List < 4.2.3 - Remote Code Execution
Medium 6.1
2022-09-26< 4.4.12
CVE-2022-3062
Medium 4.8
2022-10-10< 4.4.12
CVE-2022-3207
Medium 6.5
2022-10-10< 4.4.13
CVE-2022-3208
N/A
2019-05-27< 3.2.5
WordPress Simple File List plugin <= 3.2.4 - Authenticated Arbitrary File Delete vulnerability
N/A
2019-05-27< 3.2.5
WordPress Simple File List plugin <= 3.2.4 - Unauthenticated Arbitrary File Download vulnerability
N/A
2020-04-27< 4.2.3
WordPress Simple File List plugin <= 4.2.2 - Unauthenticated Arbitrary File Upload vulnerability leading to Remote Code Execution (RCE)
High 7.5
2022-04-19< 3.2.8
CVE-2022-1119
Critical 9.8
2020-05-16< 4.2.8
WordPress Simple File List plugin <= 4.2.7 - Authenticated Arbitrary File Deletion vulnerability