File Manager

Vulnerabilities 16Slug wp-file-managerLatest version 8.0.4WordPress.org →

Minimum safe version

7.2.8

Update to 7.2.8 or later to address 16 fixable vulnerabilities

Latest available8.0.4 ✓

Critical 9.8

2024-10-16< 3.1

CVE-2018-25105

CVE

Medium 4.3

2024-11-01< 7.2.8

CVE-2024-37254

CVE Patchstack Wordfence

Medium 6.8

2024-04-09< 7.2.6

CVE-2024-2654

CVE Wordfence Patchstack

High 8.8

2024-03-21< 7.2.5

CVE-2024-1538

CVE Wordfence Patchstack WPScan

Critical 9.9

2024-03-13< 7.2.2

CVE-2023-6825

CVE Wordfence Patchstack WPScan

High 7.5

2024-02-05< 7.2.2

CVE-2024-0761

CVE Patchstack WPScan

N/A

2024-01-22< 7.2.2

File Manager <= 7.2.1 - Sensitive Information Exposure via Backup Filenames

Wordfence

N/A

< 5.2

File Manager < 5.2 - Multiple Vulnerabilities

WPScan

N/A

2018-09-17< 3.1

File Manager <= 3.0 - Unauthenticated Arbitrary File Upload/Download

Wordfence

N/A

2019-08-07< 4.9

File Manager <= 4.8 - Missing Authorization on AJAX Actions

Wordfence

High 7.5

2020-08-26< 6.5

CVE-2020-24312

CVE Patchstack Wordfence WPScan

Medium 5.4

2018-09-09< 3.0

WordPress File Manager plugin <= 2.9 - Authenticated Cross-Site Scripting (XSS) vulnerability

Patchstack CVE Wordfence WPScan

High 8.8

2019-04-15< 3.1

CVE-2018-16966

CVE Wordfence

Medium 6.1

2019-04-15< 3.1

CVE-2018-16967

CVE Wordfence WPScan

KEV

2020-09-09< 6.9

CVE-2020-25213

CVE Patchstack Wordfence WPScan

Medium 5.4

2021-04-05< 7.1

CVE-2021-24177

CVE Wordfence WPScan