WordPress Plugin Vulnerabilities

Frontend File Manager Plugin <= 23.6 - Unauthenticated Arbitrary File Deletion via Saved File Metadata Path Traversal

Description

The plugin does not validate a file path derived from user input before deleting the referenced file, allowing unauthenticated users to delete arbitrary files on the server (such as wp-config.php) when guest upload mode is enabled. Deleting wp-config.php forces the site into its setup routine, which can be leveraged toward a full site takeover.

Proof of Concept

Affects Plugins

References

Classification

Type
FILE DELETION
CWE
CVSS

Miscellaneous

Original Researcher
Chamseddine Bouzaiene
Submitter
Chamseddine Bouzaiene
Submitter website
Submitter twitter
Verified
Yes

Timeline

Publicly Published
2026-06-16 (about 21 days ago)
Added
2026-06-16 (about 20 days ago)
Last Updated
2026-06-16 (about 20 days ago)

Other