Najeebmedia Frontend File Manager Plugin — known CVE vulnerabilities
Every CVE whose affected-product data names Najeebmedia Frontend File Manager Plugin, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2021-4368 — CVSS 9.9 (critical): The Frontend File Manager plugin for WordPress is vulnerable to Authenticated Settings Change in versions up to, and including, 18.2. This…
CVE-2021-4356 — CVSS 9.0 (critical): The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Download in versions up to, and including…
CVE-2021-4350 — CVSS 7.2 (high): The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated HTML Injection in versions up to, and including, 18.2. This…
CVE-2021-4365 — CVSS 7.2 (high): The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Stored Cross-Site Scripting in versions up to, and…
CVE-2023-5105 — CVSS 6.5 (medium): The Frontend File Manager Plugin WordPress plugin before 22.6 has a vulnerability that allows an Editor+ user to bypass the file download…
CVE-2021-4359 — CVSS 6.5 (medium): The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Arbitrary Post Deletion in versions up to, and including…
CVE-2021-4344 — CVSS 6.4 (medium): The Frontend File Manager plugin for WordPress is vulnerable to Privilege Escalation in versions up to, and including, 18.2. This is due to…
CVE-2021-4351 — CVSS 5.8 (medium): The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Post Meta Change in versions up to, and including, 18.2…
CVE-2021-4369 — CVSS 5.8 (medium): The Frontend File Manager plugin for WordPress is vulnerable to Unauthenticated Content Injection in versions up to, and including, 18.2…
CVE-2022-3126 — CVSS 4.3 (medium): The Frontend File Manager Plugin WordPress plugin before 21.4 does not have CSRF check when uploading files, which could allow attackers to…