Vulnerability in Frontend File Manager Plugin
CVE-2026-12277
The Frontend File Manager Plugin WordPress plugin through 23.6 does not validate a file path derived from user input before deleting the referenced file, allowing unauthenticated users to delete arbitrary files on the server (such as wp-co…
Affected products
- Unknown Frontend File Manager Plugin — versions 0
References
- contact@wpscan.com (technical-description, exploit, vdb-entry)