The File Manager plugin for... CVE-2024-2654

- AV AC AU C I A
发布: 2024-04-09
修订: 2025-03-24

The File Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 7.2.5 via the fm_download_backup function. This makes it possible for authenticated attackers, with administrator access and above, to read the contents of arbitrary zip files on the server, which can contain sensitive information.

0%
暂无可用Exp或PoC
当前有1条受影响产品信息