VYPR

File Manager Plugin For Wordpress

by WordPress

CVEs (3)

  • CVE-2025-53260CriJun 27, 2025
    risk 0.59cvss 9.1epss 0.00

    Unrestricted Upload of File with Dangerous Type vulnerability in getredhawkstudio File Manager Plugin For Wordpress file-manager-plugin-for-wordpress allows Upload a Web Shell to a Web Server.This issue affects File Manager Plugin For Wordpress: from n/a through <= 7.5.

  • CVE-2022-0403HigApr 4, 2022
    risk 0.53cvss 8.1epss 0.01

    The Library File Manager WordPress plugin before 5.2.3 is using an outdated version of the elFinder library, which is know to be affected by security issues (CVE-2021-32682), and does not have any authorisation as well as CSRF checks in its connector AJAX action, allowing any…

  • CVE-2021-24810MedMar 7, 2022
    risk 0.31cvss 4.8epss 0.01

    The WP Event Manager WordPress plugin before 3.1.23 does not escape some of its Field Editor settings when outputting them, allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed