Description
WordPress Plugin File Manager is prone to multiple cross-site request forgery vulnerabilities. Exploiting these issues may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application; other attacks are also possible. WordPress Plugin File Manager version 5.0 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 5.2 or latest
References
Related Vulnerabilities
Artifactory CVE-2023-42661 Vulnerability (CVE-2023-42661)
Ruby on Rails URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2021-22942)
WordPress Plugin CopySafe Web Protection Cross-Site Request Forgery (2.5)
Apache HTTP Server NULL Pointer Dereference Vulnerability (CVE-2018-1302)