WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plug-in. WordPress Frontend File Manager versions prior to 21.3 are vulnerable to arbitrary file uploads, which stem from the lack of valid authentication of uploaded files by the application. An authenticated attacker could exploit the vulnerability to upload malicious files to remotely execute arbitrary code.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress frontend file manager plugin | lt | 21.3 |