High severity7.5NVD Advisory· Published Jul 25, 2025· Updated Apr 15, 2026
CVE-2023-7306
CVE-2023-7306
Description
The Frontend File Manager Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpfm_delete_multiple_files() function in all versions up to, and including, 21.5. This makes it possible for unauthenticated attackers to delete arbitrary posts.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=21.5
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.