223 matches found
CVE-2025-13382
The Frontend File Manager Plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 23.4. This is due to the plugin not validating file ownership before processing file rename requests in the '/wpfm/v1/file-rename' REST API endpoint. This makes i...
CVE-2025-13382
The CVE concerns the WordPress Frontend File Manager Plugin (versions up to 23.4). It is vulnerable to Insecure Direct Object Reference because the plugin does not validate file ownership before processing file rename requests via the REST endpoint /wpfm/v1/file-rename. This allows an authenticat...
EUVD-2025-199571
The Frontend File Manager Plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 23.4. This is due to the plugin not validating file ownership before processing file rename requests in the '/wpfm/v1/file-rename' REST API endpoint. This makes i...
CVE-2025-13382 Frontend File Manager Plugin <= 23.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary File Renaming
The Frontend File Manager Plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 23.4. This is due to the plugin not validating file ownership before processing file rename requests in the '/wpfm/v1/file-rename' REST API endpoint. This makes i...
WordPress Frontend File Manager plugin plugin <= 23.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary File Renaming vulnerability
Insecure Direct Object Reference to Authenticated Subscriber+ Arbitrary File Renaming vulnerability discovered by t.t.brothers in WordPress Plugin Frontend File Manager versions = 23.4...
WordPress Frontend File Manager Plugin Missing Authorization Vulnerability
WordPress Frontend File Manager Plugin is a plugin that allows users to upload, manage and share files through a frontend interface that supports secure storage and permission control. A lack of authorization vulnerability exists in WordPress Frontend File Manager Plugin, which can be exploited b...
CVE-2025-64265
Missing Authorization vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through = 23.2...
EUVD-2025-163780
Missing Authorization vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through = 23.2...
CVE-2025-64265
Missing Authorization vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through = 23.2...
CVE-2025-64265 WordPress Frontend File Manager plugin <= 23.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through = 23.2...
CVE-2025-64265
The CVE-2025-64265 entry describes a Missing Authorization vulnerability in the WordPress Frontend File Manager plugin’s nmedia-user-file-uploader, affecting versions ≤ 23.2. The underlying issue is Incorrectly Configured Access Control Security Levels that allows improper authorization. Several ...
PT-2025-46801
Missing Authorization vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through = 23.2...
WordPress plugin Frontend File Manager 安全漏洞
WordPress Frontend File Manager Plugin is a plugin that allows users to upload, manage and share files through a frontend interface that supports secure storage and permission control. A lack of authorization vulnerability exists in WordPress Frontend File Manager Plugin, which can be exploited b...
WordPress Frontend File Manager plugin <= 23.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Frontend File Manager versions = 23.2...
EUVD-2024-23205
Malicious code in bioql PyPI...
EUVD-2025-19952
Malicious code in bioql PyPI...
EUVD-2021-34183
Malicious code in bioql PyPI...
EUVD-2021-34195
Malicious code in bioql PyPI...
EUVD-2022-42553
Malicious code in bioql PyPI...
EUVD-2023-57444
Malicious code in bioql PyPI...