CVE-2026-8379

CVSS Score & Metrics

Base Score

7.5 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N                                    

Vulnerability Description

The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly enforce its nonce check on the file download handler, allowing unauthenticated attackers to download files uploaded by any user through the Frontend File Manager Plugin WordPress plugin through 23.6 by iterating identifiers.

Vulnerability Details

Published Date

June 23, 2026

Last Modified

June 23, 2026

Source

NVD

External References

https://wpscan.com/vulnerability/71619406-19bb-437f-9538-fdf73de98827/

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment