2 matches found
CVE-2026-6382
The CVE-2026-6382 entry affects WordPress plugins FileOrganizer (up to 1.1.9), Advanced File Manager (up to 5.4.12), File Manager Pro (up to 2.1.1), and File Manager (up to 8.0.4). Affected code path does not properly escape a parameter passed to a shell command during image processing, enabling ...
CVE-2025-0818 Multiple elFinder Plugins <= (Various Versions) - Directory Traversal to Arbitrary File Deletion
Several WordPress plugins using elFinder versions 2.1.64 and prior are vulnerable to Directory Traversal in various versions. This makes it possible for unauthenticated attackers to delete arbitrary files. Successful exploitation of this vulnerability requires a site owner to explicitly make an...