Lucene search
K

223 matches found

GithubExploit
GithubExploit
added 2026/05/28 1:56 p.m.98 views

Exploit for CVE-2026-8380

CVE-2026-8380 CVE-2026-8380 — Frontend File Manager = 23.6...

6AI score0.00342EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.8 views

CVE-2026-5337

During the analysis, it was identified that authenticated attackers with Subscriber-level access or higher are able to perform an Insecure Direct Object Reference IDOR attack. This vulnerability exists because the Frontend File Manager Plugin WordPress plugin through 23.6 does not properly valida...

6.5CVSS5.8AI score0.00212EPSS
Exploits0References1
NVD
NVD
added 2026/05/03 7:16 a.m.20 views

CVE-2026-5337

During the analysis, it was identified that authenticated attackers with Subscriber-level access or higher are able to perform an Insecure Direct Object Reference IDOR attack. This vulnerability exists because the Frontend File Manager Plugin WordPress plugin through 23.6 does not properly valida...

6.5CVSS0.00212EPSS
Exploits0References1
EUVD
EUVD
added 2026/05/03 6:0 a.m.4 views

EUVD-2026-26818

During the analysis, it was identified that authenticated attackers with Subscriber-level access or higher are able to perform an Insecure Direct Object Reference IDOR attack. This vulnerability exists because the Frontend File Manager Plugin WordPress plugin through 23.6 does not properly valida...

5.8AI score0.00212EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/03 6:0 a.m.5 views

CVE-2026-5337

During the analysis, it was identified that authenticated attackers with Subscriber-level access or higher are able to perform an Insecure Direct Object Reference IDOR attack. This vulnerability exists because the Frontend File Manager Plugin WordPress plugin through 23.6 does not properly valida...

5.8AI score0.00212EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/03 6:0 a.m.39 views

CVE-2026-5337 Frontend File Manager Plugin <= 23.6 - Subscriber+ Arbitrary Download Access via IDOR

During the analysis, it was identified that authenticated attackers with Subscriber-level access or higher are able to perform an Insecure Direct Object Reference IDOR attack. This vulnerability exists because the Frontend File Manager Plugin WordPress plugin through 23.6 does not properly valida...

0.00212EPSS
Exploits0References1
CVE
CVE
added 2026/05/03 6:0 a.m.21 views

CVE-2026-5337

CVE-2026-5337 affects the WordPress plugin “Frontend File Manager” (versions up to 23.6). The issue is an insecure direct object reference (IDOR) in the download endpoint that does not properly validate authorizations for requested uploaded files. A Subscriber-level or higher authenticated user c...

6.5CVSS5.8AI score0.00212EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/03 12:0 a.m.11 views

PT-2026-36684

During the analysis, it was identified that authenticated attackers with Subscriber-level access or higher are able to perform an Insecure Direct Object Reference IDOR attack. This vulnerability exists because the Frontend File Manager Plugin WordPress plugin through 23.6 does not properly valida...

5.8AI score0.00212EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/02/20 1:26 p.m.4 views

CVE-2026-25005

Authorization Bypass Through User-Controlled Key vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through = 23.5...

5.3CVSS5.5AI score0.00325EPSS
Exploits0References1
NVD
NVD
added 2026/02/19 9:16 a.m.4 views

CVE-2026-25005

Authorization Bypass Through User-Controlled Key vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through = 23.5...

5.3CVSS0.00325EPSS
Exploits0References1
CVE
CVE
added 2026/02/19 8:26 a.m.10 views

CVE-2026-25005

CVE-2026-25005 affects WordPress Frontend File Manager plugin versions up to and including 23.5, with an Insecure Direct Object References (IDOR) vulnerability that enables an Authorization Bypass through a user-controlled key, due to misconfigured access controls in the nmedia-user-file-uploader...

5.3CVSS5.4AI score0.00325EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/19 8:26 a.m.28 views

CVE-2026-25005 WordPress Frontend File Manager plugin <= 23.5 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through = 23.5...

5.3CVSS0.00325EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/19 8:26 a.m.2 views

CVE-2026-25005

Authorization Bypass Through User-Controlled Key vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through = 23.5...

5.5AI score0.00325EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/02/19 12:0 a.m.7 views

WordPress plugin Frontend File Manager 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

5.3CVSS5.8AI score0.00325EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/19 12:0 a.m.7 views

PT-2026-20676

Authorization Bypass Through User-Controlled Key vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through = 23.5...

5.5AI score0.00325EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/02/17 11:44 a.m.13 views

WordPress Frontend File Manager Plugin plugin <= 23.5 - Unauthenticated Arbitrary Email Sending vulnerability

Unauthenticated Arbitrary Email Sending vulnerability discovered by yiğit ibrahim sağlam in WordPress Plugin Frontend File Manager versions = 23.5...

5.8CVSS5.4AI score0.00682EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/02/17 7:16 a.m.7 views

CVE-2026-0829

The Frontend File Manager Plugin WordPress plugin through 23.5 allows unauthenticated users to send emails through the site without any security checks. This lets attackers use the WordPress site as an open relay for spam or phishing emails to anyone. Attackers can also guess file IDs to access a...

5.8CVSS0.00682EPSS
Exploits0References1
CVE
CVE
added 2026/02/17 6:0 a.m.17 views

CVE-2026-0829

The CVE-2026-0829 entry concerns the WordPress Frontend File Manager Plugin (versions up to 23.5). The vulnerability is unauthenticated: attackers can send emails via the site as an open relay and may guess file IDs to access/share uploaded files without permission. This leads to possible spam/ph...

5.8CVSS5.3AI score0.00682EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/17 6:0 a.m.6 views

CVE-2026-0829

The Frontend File Manager Plugin WordPress plugin through 23.5 allows unauthenticated users to send emails through the site without any security checks. This lets attackers use the WordPress site as an open relay for spam or phishing emails to anyone. Attackers can also guess file IDs to access a...

5.3AI score0.00682EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/17 6:0 a.m.39 views

CVE-2026-0829 Frontend File Manager Plugin <= 23.5 - Unauthenticated Arbitrary Email Sending

The Frontend File Manager Plugin WordPress plugin through 23.5 allows unauthenticated users to send emails through the site without any security checks. This lets attackers use the WordPress site as an open relay for spam or phishing emails to anyone. Attackers can also guess file IDs to access a...

0.00682EPSS
Exploits0References1
Rows per page
Query Builder