CVE-2023-4930
CVE-2023-4930 affects the Front End PM WordPress plugin prior to 11.4.3. The vulnerability arises because the plugin does not block listing of directories where private-message attachments are stored, enabling unauthenticated users to list and download those attachments if the web server’s autoin...