API Monitor free
arrow right To plugin page
Fixed

WordPress Frontend File Manager plugin <= 18.2 - Unauthenticated HTML Injection vulnerability

7.3
CVSS 3.1 score High severity
Monitoring Coming soon

Find out about vulnerable plugins in your websites for free.

Scan your website arrow right
Type
Plugin
Vulnerable versions
<= 18.2
Fixed in
18.3
PSID
79eb10b063da
CVE ID
N/A
Classification
Cross Site Scripting (XSS)
OWASP Top 10
A1: Injection
Publicly disclosed
2021-07-12

Details

Unauthenticated HTML Injection vulnerability discovered by Jerome Bruandet (NinTechNet) in WordPress Frontend File Manager plugin (versions <= 18.2).

Solution

Update the WordPress Frontend File Manager plugin to the latest available version (at least 18.3).

References

Vulnerability details Plugin changelog

Other known vulnerabilities for Frontend File Manager

Submit vulnerabilities and become a verified Alliance member

Learn more

Let us know if we have missed a vulnerability reported elsewhere

Report arrow right Close

Thank you for contributing!

Successfully submit vulnerabilities and receive an invite to our Alliance platform.

Learn more arrow right Close