The Frontend File Manager plugin for WordPress has a security vulnerability in versions up to 18.2. An attacker who is not logged into the website can send emails with custom subject, recipient email, and body with HTML content that has not been checked for safety. This could be used to send spam emails using the website.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
