Missing Authorization Vulnerability in N-Media Frontend File Manager
CVE-2025-64265

Currently unrated

Key Information:

Vendor

WordPress
Status
Frontend File Manager
Vendor
CVE Published:
13 November 2025

What is CVE-2025-64265?

The N-Media Frontend File Manager suffers from a missing authorization vulnerability that allows attackers to exploit incorrectly configured access control security levels. This flaw enables unauthorized access to sensitive functions, potentially leading to the exposure of confidential files. Users of versions from n/a to 23.2 should be aware of this issue and take necessary precautions to secure their installations.

Affected Version(s)

Frontend File Manager <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/nmed...
vdb-entry

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Legion Hunter | Patchstack Bug Bounty Program
JSON
.
CVE-2025-64265 : Missing Authorization Vulnerability in N-Media Frontend File Manager