VYPR
Unrated severityNVD Advisory· Published Oct 3, 2022· Updated Aug 3, 2024

Frontend File Manager < 21.3 - Subscriber+ Arbitrary File Upload

CVE-2022-3125

Description

The Frontend File Manager Plugin WordPress plugin before 21.3 allows any authenticated users, such as subscriber, to rename a file to an arbitrary extension, like PHP, which could allow them to basically be able to upload arbitrary files on the server and achieve RCE

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.