CVE-2024-25903 – WordPress Frontend File Manager Plugin plugin <= 22.7 - Sensitive Data Exposure vulnerability

https://notcve.org/view.php?id=CVE-2024-25903

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in N-Media Frontend File Manager.This issue affects Frontend File Manager: from n/a through 22.7. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en N-Media Frontend File Manager. Este problema afecta a Frontend File Manager: desde n/a hasta 22.7. The Frontend File Manager Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 22.7 via the user upload functionality. This makes it possible for unauthenticated attackers to access user-uploaded files. • https://patchstack.com/database/vulnerability/nmedia-user-file-uploader/wordpress-frontend-file-manager-plugin-plugin-22-7-sensitive-data-exposure-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •