Vulnerabilities > Advancedfilemanager > Advanced File Manager > High

DATE	CVE	VULNERABILITY TITLE	RISK
2024-09-26	CVE-2024-8126	Unrestricted Upload of File with Dangerous Type vulnerability in Advancedfilemanager Advanced File Manager The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads via the 'class_fma_connector.php' file in all versions up to, and including, 5.2.8. network low complexity advancedfilemanager CWE-434	8.8
2024-09-26	CVE-2024-8704	Path Traversal vulnerability in Advancedfilemanager Advanced File Manager The Advanced File Manager plugin for WordPress is vulnerable to Local JavaScript File Inclusion in all versions up to, and including, 5.2.8 via the 'fma_locale' parameter. network low complexity advancedfilemanager CWE-22	7.2

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.