VYPR
High severity7.7NVD Advisory· Published Jan 7, 2026· Updated Apr 15, 2026

CVE-2025-14804

CVE-2025-14804

Description

The Frontend File Manager Plugin WordPress plugin before 23.5 did not validate a path parameter and ownership of the file, allowing any authenticated users, such as subscribers to delete arbitrary files on the server

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.

CVE-2025-14804 · High · VYPR