WordPress Plugin File Manager is prone to multiple vulnerabilities, including security bypass and information disclosure vulnerabilities. An attacker may leverage these issues to perform otherwise restricted actions and subsequently delete or restore backups, or to obtain sensitive information that may help in launching further attacks. WordPress Plugin File Manager version 4.8 is vulnerable; prior versions may also be affected.
Update to plugin version 4.9 or latest
Drupal Core 8.9.0 Cross-Site Request Forgery (8.9.0 - 8.9.0)
WordPress Plugin Gallery-Photo Albums-Portfolio Cross-Site Scripting (1.3.47)
WordPress Plugin Booster Plus for WooCommerce Multiple Cross-Site Request Forgery Vulnerabilities (6.0.0)
WordPress Plugin iQ Block Country Unspecified Vulnerability (1.1.33)