Описание
The Frontend File Manager Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpfm_delete_multiple_files() function in all versions up to, and including, 21.5. This makes it possible for unauthenticated attackers to delete arbitrary posts.
EPSS
Процентиль: 31%
0.00119
Низкий
7.5 High
CVSS3
Дефекты
CWE-862
Связанные уязвимости
CVSS3: 7.5
github
7 месяцев назад
The Frontend File Manager Plugin plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the wpfm_delete_multiple_files() function in all versions up to, and including, 21.5. This makes it possible for unauthenticated attackers to delete arbitrary posts.
EPSS
Процентиль: 31%
0.00119
Низкий
7.5 High
CVSS3
Дефекты
CWE-862