CVE-2023-7306 | Frontend File Manager Plugin up to 21.5 on WordPress wpfm_delete_multiple_files missing authentication

Inserito da Angelo Barbosa | Lug 24, 2025 | CVE

A vulnerability was found in Frontend File Manager Plugin up to 21.5 on WordPress and classified as critical. Affected by this issue is the function wpfm_delete_multiple_files. The manipulation leads to missing authentication.

This vulnerability is handled as CVE-2023-7306. The attack may be launched remotely. There is no exploit available.

CVE-2023-7306 | Frontend File Manager Plugin up to 21.5 on WordPress wpfm_delete_multiple_files missing authentication

Post correlati

CVE-2023-50379 | Apache Ambari up to 2.7.7 Request code injection

CVE-2023-52701 | Linux Kernel up to 6.1.12 Kernel Memory sock_recv_mark buffer overflow (863a7de987f0/2558b8039d05)

CVE-2023-47577 | Relyum RELY-PCIe/RELY-REC 22.2.1/23.1.0 unverified password change

CVE-2023-49854 | Caddy Plugin up to 1.9.7 on WordPress cross-site request forgery