CVE-2024-0761

moderate-risk
Published 2024-02-05

The File Manager plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.2.1 due to insufficient randomness in the backup filenames, which use a timestamp plus 4 random digits. This makes it possible for unauthenticated attackers, to extract sensitive data including site backups in configurations where the .htaccess file in the directory does not block access.

Do I need to act?

-
0.44% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.1/10 High
NETWORK / HIGH complexity

Affected Products (1)

Affected Vendors

Filemanagerpro

References (6)

Patch https://plugins.trac.wordpress.org/changeset/3023403/wp-file-manager/trunk/file_...
Product https://wordpress.org/plugins/wp-file-manager/
Third Party Advisory https://www.wordfence.com/threat-intel/vulnerabilities/id/1928f8e4-8bbe-4a3f-828...
Patch https://plugins.trac.wordpress.org/changeset/3023403/wp-file-manager/trunk/file_...
Product https://wordpress.org/plugins/wp-file-manager/
Third Party Advisory https://www.wordfence.com/threat-intel/vulnerabilities/id/1928f8e4-8bbe-4a3f-828...
31
/ 100
moderate-risk
Severity 24/34 · High
Exploitability 2/34 · Minimal
Exposure 5/34 · Minimal