CVE-2022-3124

The Frontend File Manager Plugin WordPress plugin before 21.3 allows any unauthenticated user to rename uploaded files from users. Furthermore, due to the lack of validation in the destination filename, this could allow allow them to change the content of arbitrary files on the web server
Configurations

Configuration 1 (hide)

cpe:2.3:a:najeebmedia:frontend_file_manager:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 07:18

Type Values Removed Values Added
References () https://wpscan.com/vulnerability/00f76765-95af-4dbc-8c37-f1b15a0e8608 - Exploit, Third Party Advisory () https://wpscan.com/vulnerability/00f76765-95af-4dbc-8c37-f1b15a0e8608 - Exploit, Third Party Advisory

Information

Published : 2022-10-03 14:15

Updated : 2024-11-21 07:18


NVD link : CVE-2022-3124

Mitre link : CVE-2022-3124

CVE.ORG link : CVE-2022-3124


JSON object : View

Products Affected

najeebmedia

  • frontend_file_manager
CWE
CWE-862

Missing Authorization