14 matches found
CVE-2020-25213
CVE-2020-25213 affects the WordPress WP-File-Manager plugin (versions 6.0–6.8; remediation to 6.9+). Root cause: renaming an unsafe elFinder connector file to .php allowed unauthenticated remote code execution via the plugin’s file-upload mechanism, enabling commands to write PHP into wp-content/...
CVE-2024-0761
CVE-2024-0761 affects the WordPress File Manager plugin. Affected versions include all up to 7.2.1, with a root cause of insufficient randomness in backup filenames (timestamp + 4 random digits). This enables unauthenticated attackers to disclose sensitive data, such as site backups, particularly...
CVE-2024-2654
CVE-2024-2654 refers to the WordPress File Manager plugin, affecting all versions up to 7.2.5. It enables Directory Traversal via fm_download_backup, allowing an authenticated attacker with administrator privileges to read the contents of arbitrary zip files on the server, potentially exposing se...
CVE-2020-24312
Summary: WordPress File Manager (wp-file-manager) plugin versions ≤ 6.4 are vulnerable to a backup disclosure due to failing to restrict access to the fm_backups directory via .htaccess, allowing unauthenticated users to browse/download site backups (potentially full database backups). Root cause...
CVE-2023-6846
The File Manager Pro WordPress plugin (wp-file-manager-pro) is vulnerable to Arbitrary File Upload in versions up to and including 8.3.4 via the mk_check_filemanager_php_syntax AJAX function. Authenticated users with subscriber access can cause server-side code execution. Version 8.3.5 adds a cap...
CVE-2024-1538
CVE-2024-1538 affects the WordPress File Manager plugin up to version 7.2.4. The root cause is missing or incorrect nonce validation on the wp_file_manager page that includes files via the 'lang' parameter, enabling unauthenticated attackers to cause local JavaScript inclusion and potentially ach...
CVE-2018-25105
The CVE concerns the WordPress File Manager plugin (versions up to 3.0). A missing capability check in /inc/root.php enables an authorization bypass, allowing unauthenticated actors to download arbitrary server files and upload arbitrary files that can be used for remote code execution. The root ...
CVE-2024-8918
CVE-2024-8918 affects the File Manager Pro WordPress plugin up to version 8.3.9. Root cause: insufficient checks on allowed file types permit unauthenticated attackers (with admin-granted permissions) to upload .css/.js files, enabling Stored Cross-Site Scripting. Impact: potential data/website s...
CVE-2021-24177
CVE-2021-24177: Reflected XSS in the WordPress File Manager plugin (pre-7.1) on /wp-admin/admin.php?page=wp_file_manager_properties where a payload submitted in the User-Agent header is reflected in the response. Affected product: WordPress File Manager plugin (default configuration). CVSS eviden...
CVE-2018-16966
CVE-2018-16966 concerns the WordPress plugin “mndpsingh287 File Manager” (v3.0) where a CSRF vulnerability exists via the page=wp_file_manager_root public_path parameter. The issue allows an attacker to trigger actions on behalf of a logged-in user (requires user interaction per CVSS3) without au...
CVE-2024-8507
The CVE-2024-8507 entry concerns the WordPress plugin File Manager Pro (
CVE-2024-8746
CVE-2024-8746 affects the WordPress plugin File Manager Pro (versions ≤ 8.3.9). The vulnerability stems from missing file type validation in the mk_file_folder_manager_shortcode AJAX action, allowing unauthenticated attackers (if granted admin-approval) to download and upload arbitrary backup fil...
CVE-2018-16967
CVE-2018-16967 concerns a reflected XSS in the mndpsingh287 File Manager plugin for WordPress (v3.0) exploitable via the public_path parameter on the wp_file_manager_root page. Multiple sources reiterate that an attacker can inject arbitrary JavaScript through this parameter, potentially affectin...
CVE-2018-16363
CVE-2018-16363 affects the WordPress plugin mndpsingh287 File Manager (v2.9) and is triggered via the lang parameter in the admin interface (wp-admin/admin.php?page=wp_file_manager). The root cause is the use of set_transient in file_folder_manager.php and an echo of the lang value in lib/wpfilem...