Frontend File Manager
Monthly
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in N-Media Frontend File Manager.7. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The Frontend File Manager Plugin WordPress plugin before 21.3 allows any authenticated users, such as subscriber, to rename a file to an arbitrary extension, like PHP, which could allow them to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The Frontend File Manager Plugin WordPress plugin before 21.3 allows any unauthenticated user to rename uploaded files from users. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in N-Media Frontend File Manager.7. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
The Frontend File Manager Plugin WordPress plugin before 21.3 allows any authenticated users, such as subscriber, to rename a file to an arbitrary extension, like PHP, which could allow them to. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
The Frontend File Manager Plugin WordPress plugin before 21.3 allows any unauthenticated user to rename uploaded files from users. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.