Frontend File Manager
N-Media
Developer
23.6
Latest version
1,000
Installations
No date
Last updated
Vulnerability history
3 present
22 patched
8 Mitigation rules
- Unauthenticated Arbitrary Email Sending vulnerability<= 23.517/02/2026
- Subscriber+ Arbitrary File Deletion vulnerability< 23.529/01/2026
- Missing Authorization to Unauthenticated Arbitrary File Sharing via 'file_id' Parameter vulnerability<= 23.528/01/2026
- Insecure Direct Object References (IDOR) vulnerability<= 23.516/01/2026
- Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary File Renaming vulnerability<= 23.425/11/2025
- Broken Access Control vulnerability<= 23.230/10/2025
- Broken Access Control vulnerability<= 23.322/09/2025
- Missing Authorization to Unauthenticated Arbitrary Post Deletion vulnerability<= 21.524/07/2025
- Content Injection vulnerability<= 23.604/07/2025
- Sensitive Data Exposure vulnerability<= 22.712/02/2024
- Editor+ Arbitrary File Download vulnerability< 22.613/11/2023
- File Upload via Cross-Site Request Forgery (CSRF) vulnerability<= 21.326/09/2022
- Arbitrary Settings Update via Cross-Site Request Forgery (CSRF) vulnerability<= 21.326/09/2022
- Authenticated Arbitrary File Upload vulnerability<= 21.207/09/2022
- Unauthenticated File Renaming vulnerability<= 21.207/09/2022
- Privilege Escalation vulnerability<= 17.112/07/2021
- Unauthenticated Content Injection and Stored XSS vulnerabilities<= 18.212/07/2021
- Authenticated Settings Change and Arbitrary File Upload vulnerabilities<= 18.212/07/2021
- Unauthenticated HTML Injection vulnerability<= 18.212/07/2021
- Unauthenticated Post Meta Change and Arbitrary File Download vulnerability<= 18.212/07/2021
- Unauthenticated Arbitrary Post Deletion vulnerability<= 18.212/07/2021
- Arbitrary File Upload<= 3.919/09/2016
- Arbitrary File Upload<= 1.911/06/2015
- Arbitrary File Upload<= 3.711/06/2015
- Unrestricted File Upload<= 3.318/08/2014