CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-1538

The File Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.2.4. This is due to missing or incorrect nonce validation on the wp_file_manager page that includes files through the 'lang' parameter. This makes it possible for unauthenticated attackers to include local JavaScript files that can be leveraged to achieve RCE via a forged request granted they can trick a site administrator into performing an action such as clicking on a link. This issue was partially patched in version 7.2.4, and fully patched in 7.2.5.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.034

EPSS Ranking 86.8%

CVSS Severity

CVSS v3 Score 8.8

References

Products affected by CVE-2024-1538

Filemanagerpro » File Manager » Version: N/A

cpe:2.3:a:filemanagerpro:file_manager:-
Filemanagerpro » File Manager » Version: 1.1

cpe:2.3:a:filemanagerpro:file_manager:1.1
Filemanagerpro » File Manager » Version: 1.2

cpe:2.3:a:filemanagerpro:file_manager:1.2
Filemanagerpro » File Manager » Version: 1.3

cpe:2.3:a:filemanagerpro:file_manager:1.3
Filemanagerpro » File Manager » Version: 1.4

cpe:2.3:a:filemanagerpro:file_manager:1.4
Filemanagerpro » File Manager » Version: 1.5

cpe:2.3:a:filemanagerpro:file_manager:1.5
Filemanagerpro » File Manager » Version: 1.6

cpe:2.3:a:filemanagerpro:file_manager:1.6
Filemanagerpro » File Manager » Version: 1.7

cpe:2.3:a:filemanagerpro:file_manager:1.7
Filemanagerpro » File Manager » Version: 1.8

cpe:2.3:a:filemanagerpro:file_manager:1.8
Filemanagerpro » File Manager » Version: 1.9

cpe:2.3:a:filemanagerpro:file_manager:1.9
Filemanagerpro » File Manager » Version: 2.0

cpe:2.3:a:filemanagerpro:file_manager:2.0
Filemanagerpro » File Manager » Version: 2.1

cpe:2.3:a:filemanagerpro:file_manager:2.1
Filemanagerpro » File Manager » Version: 2.2

cpe:2.3:a:filemanagerpro:file_manager:2.2
Filemanagerpro » File Manager » Version: 2.3

cpe:2.3:a:filemanagerpro:file_manager:2.3
Filemanagerpro » File Manager » Version: 2.4

cpe:2.3:a:filemanagerpro:file_manager:2.4
Filemanagerpro » File Manager » Version: 2.5

cpe:2.3:a:filemanagerpro:file_manager:2.5
Filemanagerpro » File Manager » Version: 2.6

cpe:2.3:a:filemanagerpro:file_manager:2.6
Filemanagerpro » File Manager » Version: 2.7

cpe:2.3:a:filemanagerpro:file_manager:2.7
Filemanagerpro » File Manager » Version: 2.8

cpe:2.3:a:filemanagerpro:file_manager:2.8
Filemanagerpro » File Manager » Version: 2.9

cpe:2.3:a:filemanagerpro:file_manager:2.9
Filemanagerpro » File Manager » Version: 3.0

cpe:2.3:a:filemanagerpro:file_manager:3.0
Filemanagerpro » File Manager » Version: 3.1

cpe:2.3:a:filemanagerpro:file_manager:3.1
Filemanagerpro » File Manager » Version: 3.2

cpe:2.3:a:filemanagerpro:file_manager:3.2
Filemanagerpro » File Manager » Version: 3.3

cpe:2.3:a:filemanagerpro:file_manager:3.3
Filemanagerpro » File Manager » Version: 3.4

cpe:2.3:a:filemanagerpro:file_manager:3.4
Filemanagerpro » File Manager » Version: 3.5

cpe:2.3:a:filemanagerpro:file_manager:3.5
Filemanagerpro » File Manager » Version: 3.6

cpe:2.3:a:filemanagerpro:file_manager:3.6
Filemanagerpro » File Manager » Version: 3.7

cpe:2.3:a:filemanagerpro:file_manager:3.7
Filemanagerpro » File Manager » Version: 3.8

cpe:2.3:a:filemanagerpro:file_manager:3.8
Filemanagerpro » File Manager » Version: 3.9

cpe:2.3:a:filemanagerpro:file_manager:3.9
Filemanagerpro » File Manager » Version: 4.0

cpe:2.3:a:filemanagerpro:file_manager:4.0
Filemanagerpro » File Manager » Version: 4.1

cpe:2.3:a:filemanagerpro:file_manager:4.1
Filemanagerpro » File Manager » Version: 4.2

cpe:2.3:a:filemanagerpro:file_manager:4.2
Filemanagerpro » File Manager » Version: 4.3

cpe:2.3:a:filemanagerpro:file_manager:4.3
Filemanagerpro » File Manager » Version: 4.4

cpe:2.3:a:filemanagerpro:file_manager:4.4
Filemanagerpro » File Manager » Version: 4.5

cpe:2.3:a:filemanagerpro:file_manager:4.5
Filemanagerpro » File Manager » Version: 4.6

cpe:2.3:a:filemanagerpro:file_manager:4.6
Filemanagerpro » File Manager » Version: 4.7

cpe:2.3:a:filemanagerpro:file_manager:4.7
Filemanagerpro » File Manager » Version: 4.8

cpe:2.3:a:filemanagerpro:file_manager:4.8
Filemanagerpro » File Manager » Version: 4.9

cpe:2.3:a:filemanagerpro:file_manager:4.9
Filemanagerpro » File Manager » Version: 5.0

cpe:2.3:a:filemanagerpro:file_manager:5.0
Filemanagerpro » File Manager » Version: 5.1

cpe:2.3:a:filemanagerpro:file_manager:5.1
Filemanagerpro » File Manager » Version: 5.2

cpe:2.3:a:filemanagerpro:file_manager:5.2
Filemanagerpro » File Manager » Version: 5.3

cpe:2.3:a:filemanagerpro:file_manager:5.3
Filemanagerpro » File Manager » Version: 5.4

cpe:2.3:a:filemanagerpro:file_manager:5.4
Filemanagerpro » File Manager » Version: 5.5

cpe:2.3:a:filemanagerpro:file_manager:5.5
Filemanagerpro » File Manager » Version: 5.6

cpe:2.3:a:filemanagerpro:file_manager:5.6
Filemanagerpro » File Manager » Version: 5.7

cpe:2.3:a:filemanagerpro:file_manager:5.7
Filemanagerpro » File Manager » Version: 5.8

cpe:2.3:a:filemanagerpro:file_manager:5.8
Filemanagerpro » File Manager » Version: 5.9

cpe:2.3:a:filemanagerpro:file_manager:5.9
Filemanagerpro » File Manager » Version: 6.0

cpe:2.3:a:filemanagerpro:file_manager:6.0
Filemanagerpro » File Manager » Version: 6.1

cpe:2.3:a:filemanagerpro:file_manager:6.1
Filemanagerpro » File Manager » Version: 6.2

cpe:2.3:a:filemanagerpro:file_manager:6.2
Filemanagerpro » File Manager » Version: 6.3

cpe:2.3:a:filemanagerpro:file_manager:6.3
Filemanagerpro » File Manager » Version: 6.4

cpe:2.3:a:filemanagerpro:file_manager:6.4
Filemanagerpro » File Manager » Version: 6.5

cpe:2.3:a:filemanagerpro:file_manager:6.5
Filemanagerpro » File Manager » Version: 6.6

cpe:2.3:a:filemanagerpro:file_manager:6.6
Filemanagerpro » File Manager » Version: 6.7

cpe:2.3:a:filemanagerpro:file_manager:6.7
Filemanagerpro » File Manager » Version: 6.8

cpe:2.3:a:filemanagerpro:file_manager:6.8
Filemanagerpro » File Manager » Version: 6.9

cpe:2.3:a:filemanagerpro:file_manager:6.9
Filemanagerpro » File Manager » Version: 7.0

cpe:2.3:a:filemanagerpro:file_manager:7.0
Filemanagerpro » File Manager » Version: 7.1

cpe:2.3:a:filemanagerpro:file_manager:7.1
Filemanagerpro » File Manager » Version: 7.1.1

cpe:2.3:a:filemanagerpro:file_manager:7.1.1
Filemanagerpro » File Manager » Version: 7.1.2

cpe:2.3:a:filemanagerpro:file_manager:7.1.2
Filemanagerpro » File Manager » Version: 7.1.3

cpe:2.3:a:filemanagerpro:file_manager:7.1.3
Filemanagerpro » File Manager » Version: 7.1.4

cpe:2.3:a:filemanagerpro:file_manager:7.1.4
Filemanagerpro » File Manager » Version: 7.1.5

cpe:2.3:a:filemanagerpro:file_manager:7.1.5
Filemanagerpro » File Manager » Version: 7.1.6

cpe:2.3:a:filemanagerpro:file_manager:7.1.6
Filemanagerpro » File Manager » Version: 7.1.7

cpe:2.3:a:filemanagerpro:file_manager:7.1.7
Filemanagerpro » File Manager » Version: 7.1.8

cpe:2.3:a:filemanagerpro:file_manager:7.1.8
Filemanagerpro » File Manager » Version: 7.1.9

cpe:2.3:a:filemanagerpro:file_manager:7.1.9
Filemanagerpro » File Manager » Version: 7.2

cpe:2.3:a:filemanagerpro:file_manager:7.2
Filemanagerpro » File Manager » Version: 7.2.1

cpe:2.3:a:filemanagerpro:file_manager:7.2.1
Filemanagerpro » File Manager » Version: 7.2.2

cpe:2.3:a:filemanagerpro:file_manager:7.2.2
Filemanagerpro » File Manager » Version: 7.2.3

cpe:2.3:a:filemanagerpro:file_manager:7.2.3
Filemanagerpro » File Manager » Version: 7.2.4

cpe:2.3:a:filemanagerpro:file_manager:7.2.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-1538

Products

Pricing

Contact Us