4 matches found
CVE-2025-0818
Several WordPress plugins using elFinder versions 2.1.64 and prior are vulnerable to Directory Traversal in various versions. This makes it possible for unauthenticated attackers to delete arbitrary files. Successful exploitation of this vulnerability requires a site owner to explicitly make an...
CVE-2025-0818 Multiple elFinder Plugins <= (Various Versions) - Directory Traversal to Arbitrary File Deletion
Several WordPress plugins using elFinder versions 2.1.64 and prior are vulnerable to Directory Traversal in various versions. This makes it possible for unauthenticated attackers to delete arbitrary files. Successful exploitation of this vulnerability requires a site owner to explicitly make an...
WordPress Advanced File Manager plugin <= 5.3.6 - Arbitrary File Deletion vulnerability
Arbitrary File Deletion vulnerability discovered by tiborisaak in WordPress Plugin Advanced File Manager versions = 5.3.6...
WordPress File Manager Plugin <= 8.4.2 is vulnerable to Arbitrary File Deletion
Software File Manager Type Plugin Vulnerable versions = 8.4.2 Fixed in 8.4.3 OWASP Top 10 A3: Injection Classification Arbitrary File Deletion CVE CVE-2025-0818 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 5d1e46fce6a0 Credits tiborisaak Required privilege...