Lucene search
K

6 matches found

NVD
NVD
added 2025/07/25 9:15 a.m.5 views

CVE-2023-7306

The Frontend File Manager Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpfmdeletemultiplefiles function in all versions up to, and including, 21.5. This makes it possible for unauthenticated attackers to delete arbitrary posts...

7.5CVSS0.00316EPSS
Exploits0References2
Circl
Circl
added 2025/07/25 8:38 a.m.7 views

CVE-2023-7306

creationtimestamp| type| source ---|---|--- 2025-07-25 08:38:07+00:00| seen| Telegram/WqyPE2iBwCHilcfRddyTIDT38RG6bXRiuDHmBxTIBdorHng...

7.5CVSS4.8AI score0.00316EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/07/25 8:22 a.m.2 views

CVE-2023-7306 Frontend File Manager <= 21.5 - Missing Authorization to Unauthenticated Arbitrary Post Deletion

The Frontend File Manager Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpfmdeletemultiplefiles function in all versions up to, and including, 21.5. This makes it possible for unauthenticated attackers to delete arbitrary posts...

7.5CVSS6.5AI score0.00316EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/07/25 8:22 a.m.9 views

CVE-2023-7306 Frontend File Manager <= 21.5 - Missing Authorization to Unauthenticated Arbitrary Post Deletion

The Frontend File Manager Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpfmdeletemultiplefiles function in all versions up to, and including, 21.5. This makes it possible for unauthenticated attackers to delete arbitrary posts...

7.5CVSS0.00316EPSS
Exploits0References2
CVE
CVE
added 2025/07/25 8:22 a.m.24 views

CVE-2023-7306

The CVE-2023-7306 entry concerns the Frontend File Manager Plugin for WordPress (versions up to 21.5). The vulnerability is caused by a missing capability check in wpfm_delete_multiple_files(), enabling unauthenticated attackers to delete arbitrary posts and cause data loss. The issue is confirme...

7.5CVSS6.3AI score0.00316EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/07/24 10:44 p.m.7 views

WordPress Frontend File Manager plugin <= 21.5 - Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability

Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability discovered by WordFence in WordPress Plugin Frontend File Manager versions = 21.5...

7.5CVSS6.8AI score0.00316EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder