Skip to main content

Wpide File Manager Code Editor

2 CVEs product

Monthly

CVE-2026-57766 HIGH This Week

Cross-Site Request Forgery in the WPIDE - File Manager & Code Editor WordPress plugin (versions <= 3.5.6) allows a remote attacker to forge privileged requests that a logged-in administrator's browser executes without consent. Because WPIDE exposes filesystem read/write and code-editing functionality, a successful CSRF can lead to arbitrary file modification and effectively remote code execution on the WordPress host. No public exploit identified at time of analysis, and it is not listed in CISA KEV; EPSS was not provided.

CSRF Wpide File Manager Code Editor
NVD
CVSS 3.1
8.8
EPSS
0.1%
CVE-2022-35235 MEDIUM PATCH This Month

Authenticated (admin+) Arbitrary File Read vulnerability in XplodedThemes WPide plugin <= 2.6 at WordPress. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

WordPress Path Traversal Wpide File Manager Code Editor
NVD
CVSS 3.1
4.9
EPSS
0.9%
EPSS 0% CVSS 8.8
HIGH This Week

Cross-Site Request Forgery in the WPIDE - File Manager & Code Editor WordPress plugin (versions <= 3.5.6) allows a remote attacker to forge privileged requests that a logged-in administrator's browser executes without consent. Because WPIDE exposes filesystem read/write and code-editing functionality, a successful CSRF can lead to arbitrary file modification and effectively remote code execution on the WordPress host. No public exploit identified at time of analysis, and it is not listed in CISA KEV; EPSS was not provided.

CSRF Wpide File Manager Code Editor
NVD
EPSS 1% CVSS 4.9
MEDIUM PATCH This Month

Authenticated (admin+) Arbitrary File Read vulnerability in XplodedThemes WPide plugin <= 2.6 at WordPress. Rated medium severity (CVSS 4.9), this vulnerability is remotely exploitable, low attack complexity. This Path Traversal vulnerability could allow attackers to access files and directories outside the intended path.

WordPress Path Traversal Wpide File Manager Code Editor
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy