Nmedia Frontend File Manager Plugin

12 CVEs affecting Nmedia Frontend File Manager Plugin. Latest disclosed: 2026-01-28. Critical: 3, High: 4.

Top CVEs affecting Nmedia Frontend File Manager Plugin
CVESeverityScorePublishedSummary
CVE-2021-4368Critical9.92023-06-07The Frontend File Manager plugin for WordPress is vulnerable to Authenticated Settings Change in versions up to, and including, 18.2. This is due to lacking ca…
CVE-2016-15042Critical9.82024-10-16The Frontend File Manager (versions < 4.0), N-Media Post Front-end Form (versions < 1.1) plugins for WordPress are vulnerable to arbitrary file uploads due to…
CVE-2021-4356Critical9.02023-06-07The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Download in versions up to, and including, 18.2. This is due t…
CVE-2026-1280High7.52026-01-28The Frontend File Manager Plugin for WordPress is vulnerable to unauthorized file sharing due to a missing capability check on the 'wpfm_send_file_in_email' AJ…
CVE-2023-7306High7.52025-07-25The Frontend File Manager Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpfm_delete_multiple_…
CVE-2021-4365High7.22023-06-07The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in versions up to, and including, 18.2. This is due…
CVE-2021-4350High7.22023-06-07The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated HTML Injection in versions up to, and including, 18.2. This is due to lacking a…
CVE-2021-4359Medium6.52023-06-07The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary Post Deletion in versions up to, and including, 18.2. This is due to…
CVE-2021-4344Medium6.42023-06-07The Frontend File Manager plugin for WordPress is vulnerable to Privilege Escalation in versions up to, and including, 18.2. This is due to lacking mishandling…
CVE-2021-4369Medium5.82023-06-07The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Content Injection in versions up to, and including, 18.2. This is due to lackin…
CVE-2021-4351Medium5.82023-06-07The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Post Meta Change in versions up to, and including, 18.2. This is due to lacking…
CVE-2025-13382Medium4.32025-11-25The Frontend File Manager Plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 23.4. This is due to the…