Najeebmedia: >> Frontend File Manager Plugin >> 20.6 Security Vulnerabilities
The Frontend File Manager Plugin WordPress plugin before 22.6 has a vulnerability that allows an Editor+ user to bypass the file download logic and download files such as `wp-config.php`
CVSS Score
6.5
EPSS Score
0.007
Published
2023-12-04
The Frontend File Manager Plugin WordPress plugin before 21.4 does not have CSRF check when uploading files, which could allow attackers to make logged in users upload files on their behalf
CVSS Score
4.3
EPSS Score
0.0
Published
2022-10-17