Unauthenticated HTML Injection in Frontend File Manager Plugin for WordPress
CVE-2021-4350

7.2HIGH

Key Information:

Vendor
Wordpress
Vendor
CVE Published:
7 June 2023

Summary

The Frontend File Manager plugin in WordPress versions up to and including 18.2 is susceptible to an unauthenticated HTML injection vulnerability. This issue arises from inadequate authentication protections on the wpfm_send_file_in_email AJAX action, allowing unauthenticated attackers to send emails using the website's resources. This exploit permits the attacker to set custom subject lines, recipient addresses, and include unsanitized HTML content in the email body, effectively utilizing the website as a spam relay.

Affected Version(s)

Frontend File Manager Plugin * < 18.3

References

CVSS V3.1

Score:
7.2
Severity:
HIGH
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Jerome Bruandet
.
🍪 This website uses cookies, like every other website on the internet 😕 By using our website, you consent to the use of cookies.