Advancedfilemanager Advanced_file_manager
9 CVEs affecting Advancedfilemanager Advanced_file_manager. Latest disclosed: 2025-05-07. Critical: 0, High: 5.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-13333 | High | 7.5 | 2025-01-17 | The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fma_local_file_system' funct… |
CVE-2024-11391 | High | 7.5 | 2024-12-03 | The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the 'class_fma_connector.php' fi… |
CVE-2024-8126 | High | 7.5 | 2024-09-26 | The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the 'class_fma_connector.php' file in all versions up to, and includ… |
CVE-2024-5598 | High | 7.5 | 2024-06-29 | The Advanced File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.4 via the 'fma_local_f… |
CVE-2024-8704 | High | 7.2 | 2024-09-26 | The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 5.2.8 via the 'fma_locale… |
CVE-2024-8725 | Medium | 6.8 | 2024-09-26 | Multiple plugins and/or themes for WordPress are vulnerable to Limited File Upload in various versions. This is due to a lack of proper checks to ensure lower-… |
CVE-2024-13805 | Medium | 6.4 | 2025-03-07 | The Advanced File Manager — Ultimate WordPress File Manager and Document Library Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via S… |
CVE-2025-47688 | Medium | 5.3 | 2025-05-07 | Missing Authorization vulnerability in Saad Iqbal Advanced File Manager file-manager-advanced allows Exploiting Incorrectly Configured Access Control Security… |
CVE-2023-3814 | Medium | 4.9 | 2023-09-04 | The Advanced File Manager WordPress plugin before 5.1.1 does not adequately authorize its usage on multisite installations, allowing site admin users to list a… |