📦 Frontend File Manager Plugin

The Frontend File Manager WordPress plugin allows unauthenticated attackers to download arbitrary files from vulnerable websites due to missing authentication, capability checks, and sanitization. Thi...

The Frontend File Manager WordPress plugin up to version 18.2 has an authenticated settings change vulnerability. Subscriber-level attackers can modify plugin settings like allowed file types, potenti...

This vulnerability allows unauthenticated attackers to inject malicious scripts into WordPress sites using the Frontend File Manager plugin. When users visit compromised pages, the scripts execute in ...

The Frontend File Manager WordPress plugin up to version 18.2 allows unauthenticated attackers to send emails with custom HTML content using the site's email functionality. This enables attackers to u...