Lucene search
China National Vulnerability DatabaseCNVD-2022-87377HistoryOct 11, 2022 - 12:00 a.m.
WordPress Frontend File Manager Arbitrary File Upload Vulnerability
2022-10-1100:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
wordpress
frontend file manager
arbitrary file upload
vulnerability
php
authentication
malicious file
remote code execution
wordpress foundation
0.001 Low
EPSS
Percentile
43.0%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plug-in. WordPress Frontend File Manager versions prior to 21.3 are vulnerable to arbitrary file uploads, which stem from the lack of valid authentication of uploaded files by the application. An authenticated attacker could exploit the vulnerability to upload malicious files to remotely execute arbitrary code.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress frontend file manager plugin | lt | 21.3 |
Related
wpexploit
wpexploit
Frontend File Manager < 21.3 - Subscriber+ Arbitrary File Upload
2022-09-07 00:00:00
cve
cve
CVE-2022-3125
2022-10-03 14:15:20
prion
prion
Design/Logic Flaw
2022-10-03 14:15:00
cvelist
cvelist
ubuntucve
ubuntucve
CVE-2022-3125
2022-10-03 00:00:00
nvd
nvd
CVE-2022-3125
2022-10-03 14:15:20
wpvulndb
wpvulndb
Frontend File Manager < 21.3 - Subscriber+ Arbitrary File Upload
2022-09-07 00:00:00
patchstack
patchstack