Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||
|---|---|---|---|---|---|---|---|---|---|
| Unknown | Frontend File Manager Plugin | unknown |
|
No data.
No data.
| Vendor | Product | Confidence | Versions | ||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| Frontend File Manager Plugin | Frontend File Manager Plugin | 80% |
|
||||||||
| Wordpress | Wordpress | 80% |
|
Found an issue or want to improve our Enrichment? You can suggest it directly by opening an issue on our dedicated GitHub repository .
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Wed, 24 Jun 2026 12:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 |
Wed, 24 Jun 2026 06:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 |
Wed, 24 Jun 2026 03:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 |
Wed, 24 Jun 2026 00:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 |
Tue, 23 Jun 2026 21:15:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 |
Tue, 23 Jun 2026 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 |
Tue, 23 Jun 2026 16:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 CWE-287 |
Tue, 23 Jun 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
cvssV3_1
|
Tue, 23 Jun 2026 09:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Frontend File Manager Plugin
Frontend File Manager Plugin frontend File Manager Plugin Wordpress Wordpress wordpress |
|
| Vendors & Products |
Frontend File Manager Plugin
Frontend File Manager Plugin frontend File Manager Plugin Wordpress Wordpress wordpress |
Tue, 23 Jun 2026 07:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Weaknesses | CWE-284 CWE-287 |
Tue, 23 Jun 2026 06:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly enforce its nonce check on the file download handler, allowing unauthenticated attackers to download files uploaded by any user through the Frontend File Manager Plugin WordPress plugin through 23.6 by iterating identifiers. | |
| Title | Frontend File Manager Plugin <= 23.6 - Unauthenticated Arbitrary File Download | |
| References |
|
MITRE
Status: PUBLISHED
Assigner: WPScan
Published:
Updated: 2026-06-23T13:23:57.974Z
Reserved: 2026-05-12T08:47:44.253Z
Link: CVE-2026-8379
Vulnrichment
Updated: 2026-06-23T13:23:40.971Z
NVD
No data.
Redhat
No data.
OpenCVE Enrichment
Updated: 2026-06-24T14:00:07Z
No weakness.