CVE-2023-5105
Frontend File Manager < 22.6 - Editor+ Arbitrary File Download
Severity Score
6.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The Frontend File Manager Plugin WordPress plugin before 22.6 has a vulnerability that allows an Editor+ user to bypass the file download logic and download files such as `wp-config.php`
El complemento Frontend File Manager Plugin de WordPress anterior a 22.6 tiene una vulnerabilidad que permite a un usuario de Editor+ omitir la lógica de descarga de archivos y descargar archivos como `wp-config.php`.
The Frontend File Manager Plugin plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 22.5. This makes it possible for authenticated attackers, with editor access and above, to read the contents of arbitrary files on the server, which can contain sensitive information.
*Credits:
Dmitrii Ignatyev, WPScan
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2023-09-21 CVE Reserved
- 2023-11-13 CVE Published
- 2024-08-02 CVE Updated
- 2024-08-02 First Exploit
- 2024-11-03 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://wpscan.com/vulnerability/d40c7108-bad6-4ed3-8539-35c0f57e62cc | 2024-08-02 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Najeebmedia Search vendor "Najeebmedia" | Frontend File Manager Plugin Search vendor "Najeebmedia" for product "Frontend File Manager Plugin" | < 22.6 Search vendor "Najeebmedia" for product "Frontend File Manager Plugin" and version " < 22.6" | wordpress |
Affected
| ||||||