WordPress Plugin Vulnerabilities

File Manager, Code Editor, and Backup by Managefy < 1.5.0 - Authenticated (Admin+) Path Traversal to Arbitrary File Download

Description

The File Manager, Code Editor, and Backup by Managefy plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.4.8 via the ajax_downloadfile() function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform actions on files outside of the originally intended directory.

Affects Plugins

Plugin icon
softdiscover-db-file-manager
Fixed in 1.5.0

References

CVE
CVE-2025-9345
URL
https://www.wordfence.com/threat-intel/vulnerabilities/id/f53cf99e-3136-4a1d-bbbd-ff484f1df5c3

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22
CVSS
4.9 (medium)

Miscellaneous

Original Researcher
Đỗ Quang Huy
Verified
No
WPVDB ID
6d6e30ea-b293-4334-8c71-77cefd6aeb53

Timeline

Publicly Published
2025-08-27 (about 7 months ago)
Added
2025-08-27 (about 7 months ago)
Last Updated
2025-08-28 (about 7 months ago)

Other

Published
Title
Published
2025-07-17
Title
School Management System for Wordpress < 1.93.1 (02-07-2025) - Authenticated (Subscriber+) Local File Inclusion to Privilege Escalation via Password Update
Published
2025-01-24
Title
ABC Notation <= 6.1.3 - Authenticated (Contributor+) Arbitrary File Read
Published
2015-08-28
Title
NextGEN Gallery < 2.1.9 - Authenticated Path Traversal
Published
2026-03-25
Title
WP Job Portal < 2.5.0 - Authenticated (Subscriber+) Arbitrary File Deletion via Resume Custom File Field
Published
2015-04-14
Title
Crayon Syntax Highlighter < 2.7.0 - Local File Disclosure