Frontend File Manager Plugin@* Security Vulnerabilities and Issues — Frontend File Manager Plugin@* CVE List

Lucene search

NajeebmediaFrontend File Manager Plugin*

3 matches found

CVE•added 2022/10/03 2:15 p.m.•59 views

CVE-2022-3125

The Frontend File Manager Plugin WordPress plugin before 21.3 allows any authenticated users, such as subscriber, to rename a file to an arbitrary extension, like PHP, which could allow them to basically be able to upload arbitrary files on the server and achieve RCE

8.8CVSS8.6AI score0.00675EPSS

CVE•added 2022/10/17 12:15 p.m.•54 views

CVE-2022-3126

The Frontend File Manager Plugin WordPress plugin before 21.4 does not have CSRF check when uploading files, which could allow attackers to make logged in users upload files on their behalf

4.3CVSS4.5AI score0.00061EPSS

CVE•added 2022/10/03 2:15 p.m.•50 views

CVE-2022-3124

The Frontend File Manager Plugin WordPress plugin before 21.3 allows any unauthenticated user to rename uploaded files from users. Furthermore, due to the lack of validation in the destination filename, this could allow allow them to change the content of arbitrary files on the web server

5.3CVSS5.3AI score0.03761EPSS