6 matches found
CVE-2023-7306
The Frontend File Manager Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpfmdeletemultiplefiles function in all versions up to, and including, 21.5. This makes it possible for unauthenticated attackers to delete arbitrary posts...
CVE-2023-7306
creationtimestamp| type| source ---|---|--- 2025-07-25 08:38:07+00:00| seen| Telegram/WqyPE2iBwCHilcfRddyTIDT38RG6bXRiuDHmBxTIBdorHng...
CVE-2023-7306 Frontend File Manager <= 21.5 - Missing Authorization to Unauthenticated Arbitrary Post Deletion
The Frontend File Manager Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpfmdeletemultiplefiles function in all versions up to, and including, 21.5. This makes it possible for unauthenticated attackers to delete arbitrary posts...
CVE-2023-7306 Frontend File Manager <= 21.5 - Missing Authorization to Unauthenticated Arbitrary Post Deletion
The Frontend File Manager Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpfmdeletemultiplefiles function in all versions up to, and including, 21.5. This makes it possible for unauthenticated attackers to delete arbitrary posts...
CVE-2023-7306
The CVE-2023-7306 entry concerns the Frontend File Manager Plugin for WordPress (versions up to 21.5). The vulnerability is caused by a missing capability check in wpfm_delete_multiple_files(), enabling unauthenticated attackers to delete arbitrary posts and cause data loss. The issue is confirme...
WordPress Frontend File Manager plugin <= 21.5 - Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability
Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability discovered by WordFence in WordPress Plugin Frontend File Manager versions = 21.5...