CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
EPSS
Percentile
41.1%
The Frontend File Manager Plugin WordPress plugin before 21.3 allows any
unauthenticated user to rename uploaded files from users. Furthermore, due
to the lack of validation in the destination filename, this could allow
allow them to change the content of arbitrary files on the web server