mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-15 11:48:07 +02:00
0xMarcio
951 B
951 B
CVE-2021-4368
Description
The Frontend File Manager plugin for WordPress is vulnerable to Authenticated Settings Change in versions up to, and including, 18.2. This is due to lacking capability checks and a security nonce, all on the wpfm_save_settings AJAX action. This makes it possible for subscriber-level attackers to edit the plugin settings, such as the allowed upload file types. This can lead to remote code execution through other vulnerabilities.
POC
Reference
No PoCs from references.