Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress 6.5.5

  • Severity: high-risk
  • Status: Fixed
  • Publication: September 4, 2024

The Bit File Manager plugin for WordPress has a security issue that could allow hackers to run their own code on the server. This vulnerability affects versions 6.0 to 6.5.5 and is caused by how the plugin checks for errors in files. It saves a temporary file in a folder that anyone can access, making it easy for attackers to take advantage of this and gain control of the server. This is a serious risk, especially if the administrator has granted read permissions to Guest Users.

Detected in:

Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress fixed vulnerable versions:
Bit File Manager – 100% free file manager for WordPress fixed vulnerable versions: >= 6.0 <= 6.5.5

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.