Unrated severityNVD Advisory· Published Oct 3, 2022· Updated Aug 3, 2024
Frontend File Manager < 21.3 - Subscriber+ Arbitrary File Upload
CVE-2022-3125
Description
The Frontend File Manager Plugin WordPress plugin before 21.3 allows any authenticated users, such as subscriber, to rename a file to an arbitrary extension, like PHP, which could allow them to basically be able to upload arbitrary files on the server and achieve RCE
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <21.3
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/d3d9dc9a-226b-4f76-995e-e2af1dd6b17emitrex_refsource_MISC
News mentions
0No linked articles in our index yet.