Test Kennung:	1.3.6.1.4.1.25623.1.0.124736
Kategorie:	Web application abuses
Titel:	WordPress File Manager Plugin < 7.2.2 Multiple Vulnerabilities
Zusammenfassung:	The WordPress plugin 'File Manager' is prone to multiple; vulnerabilities.
Beschreibung:	Summary: The WordPress plugin 'File Manager' is prone to multiple vulnerabilities. Vulnerability Insight: The following vulnerabilities exist: - CVE-2023-6825: Directory Traversal via the target parameter in the mk_file_folder_manager_action_callback_shortcode function. - CVE-2024-0761: Sensitive Information Exposure due to insufficient randomness in the backup filenames, which use a timestamp plus 4 random digits. Affected Software/OS: WordPress File Manager plugin prior to version 7.2.2. Solution: Update to version 7.2.2 or later. CVSS Score: 9.0 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2023-6825 https://github.com/Studio-42/elFinder/blob/master/php/elFinderVolumeDriver.class.php#L6784 https://plugins.trac.wordpress.org/changeset?sfp_email=&sfph_mail=&reponame=&new=3023403%40wp-file-manager%2Ftrunk&old=2984933%40wp-file-manager%2Ftrunk&sfp_email=&sfph_mail= https://www.wordfence.com/threat-intel/vulnerabilities/id/93f377a1-2c33-4dd7-8fd6-190d9148e804?source=cve Common Vulnerability Exposure (CVE) ID: CVE-2024-0761 https://plugins.trac.wordpress.org/changeset/3023403/wp-file-manager/trunk/file_folder_manager.php?old=2984933&old_path=wp-file-manager%2Ftrunk%2Ffile_folder_manager.php https://wordpress.org/plugins/wp-file-manager/ https://www.wordfence.com/threat-intel/vulnerabilities/id/1928f8e4-8bbe-4a3f-8284-aa12ca2f5176?source=cve
Copyright	Copyright (C) 2025 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.