CVE-2022-3126

CVE-2022-3126: Frontend File Manager < 21.4 - File Upload via CSRF

Vendor Unknown
Product Frontend File Manager Plugin
Weakness CWE-352 · CSRF
Published October 17, 2022
Last update May 14, 2025

CVSS base score

What the vulnerability does

01Description

The Frontend File Manager Plugin WordPress plugin before 21.4 does not have CSRF check when uploading files, which could allow attackers to make logged in users upload files on their behalf

Key dates

02Disclosure timeline

October 17, 2022 CVE published
May 14, 2025 Record updated

Related vulnerabilities

04Related CVE