The Advanced File Manager WordPress plugin before 5.1.1 does not adequately authorize its usage on multisite installations, allowing site admin users to list and read arbitrary files and folders on the server.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/ca954ec6-6ebd-4d72-a323-570474e2e339 | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2023-09-04T11:27:01.778Z
Updated: 2023-09-15T18:08:18.643Z
Reserved: 2023-07-20T20:10:07.465Z
Link: CVE-2023-3814
JSON object: View
NVD Information
Status : Modified
Published: 2023-09-04T12:15:09.570
Modified: 2023-11-07T04:19:44.357
Link: CVE-2023-3814
JSON object: View
Redhat Information
No data.
CWE