Advanced File Manager Security Vulnerabilities and Issues — Advanced File Manager CVE List

Lucene search

AdvancedfilemanagerAdvanced File Manager

3 matches found

CVE•added 2024/09/26 11:15 a.m.•45 views

CVE-2024-8704

The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 5.2.8 via the 'fma_locale' parameter. This makes it possible for authenticated attackers, with Administrator-level access and above, to include and execute arbitrary...

7.2CVSS7.5AI score0.0222EPSS

CVE•added 2024/09/26 11:15 a.m.•43 views

CVE-2024-8725

Multiple plugins and/or themes for WordPress are vulnerable to Limited File Upload in various versions. This is due to a lack of proper checks to ensure lower-privileged roles cannot upload .css and .js files to arbitrary directories. This makes it possible for authenticated attackers, with Subscri...

6.8CVSS6AI score0.00111EPSS

CVE•added 2024/09/26 11:15 a.m.•41 views

CVE-2024-8126

The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the 'class_fma_connector.php' file in all versions up to, and including, 5.2.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, and granted permissions by an Admini...

8.8CVSS8.4AI score0.03608EPSS