3 matches found
CVE-2022-2356
The Frontend File Manager & Sharing WordPress plugin before 1.1.3 does not filter file extensions when letting users upload files on the server, which may lead to malicious code being uploaded...
CVE-2022-2356 User Private Files < 1.1.3 - Subscriber+ Arbitrary File Upload
The Frontend File Manager & Sharing WordPress plugin before 1.1.3 does not filter file extensions when letting users upload files on the server, which may lead to malicious code being uploaded...
CVE-2022-2356
CVE-2022-2356 affects the WordPress plugin Frontend File Manager & Sharing prior to version 1.1.3. The root cause is lack of file-extension filtering during uploads, enabling potential upload of malicious code. Documented impact indicates an attacker could place executable code on the server, wit...