WordPress Plugin Vulnerabilities

Frontend File Manager < 18.3 - Unauthenticated HTML Injection

Description

The wpfm_send_file_in_email AJAX action of the plugin, available to unauthenticated users, was lacking CSRF, capability check, sanitisation and validation, allowing unauthenticated users to send arbitrary emails to any email address.

Affects Plugins

Plugin icon
nmedia-user-file-uploader
Fixed in 18.3

References

CVE
CVE-2021-4350
URL
https://blog.nintechnet.com/wordpress-frontend-file-manager-plugin-fixed-multiple-critical-vulnerabilities/

Classification

Type
CONTENT INJECTION
OWASP top 10
A1: Injection
CWE
CWE-345
CVSS
6.5 (medium)

Miscellaneous

Original Researcher
Jerome Bruandet (nintechnet)
Verified
No
WPVDB ID
1cf58a77-2467-4dd2-b8f4-408a407d07a6

Timeline

Publicly Published
2021-07-12 (about 4 years ago)
Added
2021-07-12 (about 4 years ago)
Last Updated
2023-06-08 (about 3 years ago)

Other

Published
Title
Published
2024-06-03
Title
Claudio Sanches – Checkout Cielo for WooCommerce <= 1.1.0 - Insufficient Verification of Data Authenticity to Order Payment Status Update
Published
2026-02-26
Title
Fluent Forms Pro Add On Pack < 6.1.18 - Missing Authorization to Unauthenticated Payment Status modification
Published
2022-03-15
Title
NS WooCommerce Watermark <= 2.11.3 - Abuse of Functionality
Published
2025-11-21
Title
Subscriptions & Memberships for PayPal < 1.1.8 - Unauthenticated Fake Payment Creation
Published
2024-02-20
Title
Tutor LMS < 2.6.1 - Student+ HTML Injection via Q&A