CVE-2025-57921 — Missing Authorization in Frontend File Manager

CWE-862 — Missing Authorization3 documents3 sources

Severity

—N/A

No vector

EPSS

0.0%

top 89.00%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

N-media Frontend File Manager

Timeline

PublishedSep 22

Description

Missing Authorization vulnerability in N-Media Frontend File Manager nmedia-user-file-uploader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Frontend File Manager: from n/a through <= 23.3.

Affected Packages1 packages

▶CVEListV5n-media/frontend_file_manager23.3

🔴Vulnerability Details

CVEList

WordPress Frontend File Manager plugin <= 23.3 - Broken Access Control vulnerability↗2025-09-22

▶

GHSA

GHSA-hj2c-hf23-cr5m: Missing Authorization vulnerability in N-Media Frontend File Manager allows Exploiting Incorrectly Configured Access Control Security Levels↗2025-09-22

▶