Mndpsingh287 File Manager

6 CVEs affecting Mndpsingh287 File Manager. Latest disclosed: 2024-11-01. Critical: 2, High: 2.

Top CVEs affecting Mndpsingh287 File Manager
CVESeverityScorePublishedSummary
CVE-2023-6825Critical9.92024-03-13The File Manager and File Manager Pro plugins for WordPress are vulnerable to Directory Traversal in versions up to, and including version 7.2.1 (free version)…
CVE-2018-25105Critical9.82024-10-16The File Manager plugin for WordPress is vulnerable to authorization bypass due to a missing capability check in the /inc/root.php file in versions up to, and…
CVE-2024-1538High8.82024-03-21The File Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.2.4. This is due to missing or incorr…
CVE-2024-0761High8.12024-02-05The File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.2.1 due to insufficient randomnes…
CVE-2024-2654Medium6.82024-04-09The File Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 7.2.5 via the fm_download_backup function. Thi…
CVE-2024-37254Medium4.32024-11-01Missing Authorization vulnerability in mndpsingh287 File Manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fil…