File Upload via Cross-Site Request Forgery (CSRF) vulnerability was discovered by Raad Haddad (Cloudyrion GmbH) in the WordPress Frontend File Manager plugin (versions <= 21.3).
Update the WordPress Frontend File Manager plugin to the latest available version (at least 21.4).