CVE-2021-4368Missing Authorization in Frontend File Manager Plugin

CWE-862Missing Authorization3 documents3 sources
Severity
8.8HIGHNVD
CNA9.9
EPSS
7.2%
top 8.37%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Nmedia Frontend File Manager PluginNajeebmedia Frontend File Manager Plugin
Timeline
PublishedJun 7

Description

The Frontend File Manager plugin for WordPress is vulnerable to Authenticated Settings Change in versions up to, and including, 18.2. This is due to lacking capability checks and a security nonce, all on the wpfm_save_settings AJAX action. This makes it possible for subscriber-level attackers to edit the plugin settings, such as the allowed upload file types. This can lead to remote code execution through other vulnerabilities.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

Patches

Patch: plugins.trac.wordpress.orgPatch: plugins.trac.wordpress.org

🔴Vulnerability Details

2
GHSA
GHSA-254w-gr7h-wvh4: The Frontend File Manager plugin for WordPress is vulnerable to Authenticated Settings Change in versions up to, and including, 182023-06-07
CVEList
Frontend File Manager <= 18.2 - Authenticated Settings Change leading to Arbitrary File Upload2023-06-07
CVE-2021-4368 — Missing Authorization | cvebase