Lucene search
WPScanCVELIST:CVE-2023-3814HistorySep 04, 2023 - 11:27 a.m.
CVE-2023-3814 Advanced File Manager < 5.1.1 - Admin+ Arbitrary File/Folder Access
2023-09-0411:27:01
WPScan
www.cve.org
cve-2023-3814
file manager
wordpress
multisite
arbitrary access
The Advanced File Manager WordPress plugin before 5.1.1 does not adequately authorize its usage on multisite installations, allowing site admin users to list and read arbitrary files and folders on the server.
CNA Affected
[
{
"vendor": "Unknown",
"product": "Advanced File Manager",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "5.1.1"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
cve
cve
CVE-2023-3814
2023-09-04 12:15:09
openvas
openvas
WordPress Advanced File Manager Plugin < 5.1.1 Broken Access Vulnerability
2023-09-07 00:00:00
prion
prion
Code injection
2023-09-04 12:15:00
nvd
nvd
CVE-2023-3814
2023-09-04 12:15:09
wpexploit
wpexploit
Advanced File Manager < 5.1.1 - Admin+ Arbitrary File/Folder Access
2023-08-14 00:00:00
wpvulndb
wpvulndb
Advanced File Manager < 5.1.1 - Admin+ Arbitrary File/Folder Access
2023-08-14 00:00:00
wordfence
wordfence