WordPress Plugin Vulnerabilities

File Manager < 7.2.6 - Authenticated (Administrator+) Directory Traversal

Description

The File Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 7.2.5 via the fm_download_backup function. This makes it possible for authenticated attackers, with administrator access and above, to read the contents of arbitrary zip files on the server, which can contain sensitive information.

Affects Plugins

Plugin icon
wp-file-manager
Fixed in 7.2.6

References

CVE
CVE-2024-2654
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/ca98fbc6-8cfa-4997-8a46-344afb75a97e

Classification

Type
FILE DOWNLOAD
OWASP top 10
A1: Injection
CWE
CWE-552
CVSS
6.8 (medium)

Miscellaneous

Original Researcher
DarkT
Verified
No
WPVDB ID
4acb0a40-1f56-4489-9432-3475ff753c45

Timeline

Publicly Published
2024-04-03 (about 2 years ago)
Added
2024-04-04 (about 2 years ago)
Last Updated
2024-04-04 (about 2 years ago)

Other

Published
Title
Published
2022-11-28
Title
Wholesale Market for WooCommerce < 1.0.8 - Admin+ Arbitrary File Download
Published
2025-09-03
Title
atec Debug < 1.2.23 - Admin+ Arbitrary File Read
Published
2019-06-02
Title
Simple File List < 3.2.8 - Unauthenticated Arbitrary File Download
Published
2025-02-23
Title
Download Manager < 3.3.07 - Unauthenticated Data Exposure
Published
2022-10-17
Title
WooCommerce Dropshipping < 4.4 - Unauthenticated SQLi