Vulnerabilities > Advancedfilemanager > Advanced File Manager > 5.2.8

DATE CVE VULNERABILITY TITLE RISK
2024-09-26 CVE-2024-8126 Unrestricted Upload of File with Dangerous Type vulnerability in Advancedfilemanager Advanced File Manager
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the 'class_fma_connector.php' file in all versions up to, and including, 5.2.8.
network
low complexity
advancedfilemanager CWE-434
8.8
8.8
2024-09-26 CVE-2024-8704 Path Traversal vulnerability in Advancedfilemanager Advanced File Manager
The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 5.2.8 via the 'fma_locale' parameter.
network
low complexity
advancedfilemanager CWE-22
7.2
7.2
2024-09-26 CVE-2024-8725 Unrestricted Upload of File with Dangerous Type vulnerability in Advancedfilemanager Advanced File Manager
Multiple plugins and/or themes for WordPress are vulnerable to Limited File Upload in various versions.
network
low complexity
advancedfilemanager CWE-434
5.4
5.4