The File Manager Pro WordPress plugin prior to 1.8.1 does not adequately validate and escape some inputs, leading to XSS by high-privilege users.
ninjateam filester