Description
WordPress Plugin Advanced File Manager is prone to an information disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may help in launching further attacks. WordPress Plugin Advanced File Manager version 5.2.4 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 5.2.5 or latest
References
Related Vulnerabilities
WordPress Plugin Woo Import Export Arbitrary File Deletion (1.0)
WordPress Plugin Media File Manager Multiple Vulnerabilities (1.4.2)
WordPress Plugin WordPress Mega Menu-QuadMenu Remote Code Execution (2.0.6)
Liferay Portal Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2018-10795)
Apache Traffic Server Improper Authentication Vulnerability (CVE-2021-38161)