Advancedfilemanager
advancedfilemanager
11 CVEs • 2 products
Products (2)
Click to collapseToggle
Products (2)
Click to collapse
CVEs (11)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
1Advancedfilemanager 1Advanced File Manager Apr 23, 2026 May 7, 2025 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Missing Authorization vulnerability in Saad Iqbal Advanced File Manager file-manager-advanced allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced File Manager: from n/a thr...Show more |
1Advancedfilemanager 1Advanced File Manager May 21, 2025 Mar 7, 2025 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Advanced File Manager — Ultimate WordPress File Manager and Document Library Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 5.2.14...Show more |
1Advancedfilemanager 1Advanced File Manager Jun 5, 2025 Jan 17, 2025 N/A· v4 7.5 HIGH· v3 N/A· v2 The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'fma_local_file_system' function in versions 5.2.12 to 5.2.13. This makes it possible for...Show more |
1Advancedfilemanager 1Advanced File Manager Jun 5, 2025 Dec 3, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the 'class_fma_connector.php' file in all versions up to, and including, 5.2.10. This makes i...Show more |
1Advancedfilemanager 1Advanced File Manager Oct 1, 2024 Sep 26, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Multiple plugins and/or themes for WordPress are vulnerable to Limited File Upload in various versions. This is due to a lack of proper checks to ensure lower-privileged roles cannot upload .css and .js files to arbitrar...Show more |
1Advancedfilemanager 1Advanced File Manager Oct 1, 2024 Sep 26, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 5.2.8 via the 'fma_locale' parameter. This makes it possible for authenticated attacke...Show more |
1Advancedfilemanager 1Advanced File Manager Oct 1, 2024 Sep 26, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the 'class_fma_connector.php' file in all versions up to, and including, 5.2.8. This makes it possible for authenticated attacker...Show more |
1Advancedfilemanager 1File Manager Advanced Shortcode Apr 8, 2026 Jul 10, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 The Advanced File Manager Shortcodes plugin for WordPress is vulnerable to arbitrary file uploads in all versions up to, and including, 2.5.3. This makes it possible for authenticated attackers with contributor access or...Show more |
1Advancedfilemanager 1Advanced File Manager Apr 8, 2026 Jun 29, 2024 N/A· v4 7.5 HIGH· v3 N/A· v2 The Advanced File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 5.2.4 via the 'fma_local_file_system' function. This makes it possible for unauthentica...Show more |
1Advancedfilemanager 1Advanced File Manager Mar 6, 2025 Sep 4, 2023 N/A· v4 4.9 MEDIUM· v3 N/A· v2 The Advanced File Manager WordPress plugin before 5.1.1 does not adequately authorize its usage on multisite installations, allowing site admin users to list and read arbitrary files and folders on the server. |
1Advancedfilemanager 1File Manager Advanced Shortcode Nov 21, 2024 Jun 27, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 The File Manager Advanced Shortcode WordPress plugin through 2.3.2 does not adequately prevent uploading files with disallowed MIME types when using the shortcode. This leads to RCE in cases where the allowed MIME type l...Show more |