CVE-2025-27358Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) in Frontend File Manager

CWE-80Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)3 documents3 sources
Severity
N/A
No vector
EPSS
0.1%
top 84.40%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
N-media Frontend File Manager
Timeline
PublishedJul 4

Description

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Code Injection.This issue affects Frontend File Manager: from n/a through <= 23.6.

Affected Packages1 packages

🔴Vulnerability Details

2
CVEList
WordPress Frontend File Manager plugin <= 23.6 - Content Injection vulnerability2025-07-04
GHSA
GHSA-85r7-g2m5-xfqc: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in mndpsingh287 Frontend File Manager allows Code Injectio2025-07-04
CVE-2025-27358 — Frontend File Manager vulnerability | cvebase