Advancedfilemanager Advanced_file_manager

9 CVEs affecting Advancedfilemanager Advanced_file_manager. Latest disclosed: 2025-05-07. Critical: 0, High: 5.

Top CVEs affecting Advancedfilemanager Advanced_file_manager
CVESeverityScorePublishedSummary
CVE-2024-13333High7.52025-01-17The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fma_local_file_system' funct…
CVE-2024-11391High7.52024-12-03The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the 'class_fma_connector.php' fi…
CVE-2024-8126High7.52024-09-26The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the 'class_fma_connector.php' file in all versions up to, and includ…
CVE-2024-5598High7.52024-06-29The Advanced File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.4 via the 'fma_local_f…
CVE-2024-8704High7.22024-09-26The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 5.2.8 via the 'fma_locale…
CVE-2024-8725Medium6.82024-09-26Multiple plugins and/or themes for WordPress are vulnerable to Limited File Upload in various versions. This is due to a lack of proper checks to ensure lower-…
CVE-2024-13805Medium6.42025-03-07The Advanced File Manager — Ultimate WordPress File Manager and Document Library Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via S…
CVE-2025-47688Medium5.32025-05-07Missing Authorization vulnerability in Saad Iqbal Advanced File Manager file-manager-advanced allows Exploiting Incorrectly Configured Access Control Security…
CVE-2023-3814Medium4.92023-09-04The Advanced File Manager WordPress plugin before 5.1.1 does not adequately authorize its usage on multisite installations, allowing site admin users to list a…