cleantalk
Vulnerabilities and Security Researches

File Manager, CVE-2025-27358

CVE, Research URL

CVE-2025-27358

Home page URL

Security reports for File Manager

Application

File Manager

Published on
Jul 04, 2025
Research Description
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in mndpsingh287 Frontend File Manager allows Code Injection. This issue affects Frontend File Manager: from n/a through 23.2.
Affected versions
Min -, max 23.2.
Status
vulnerable
Previous vulnerability researches
Accept Stripe Payments Using Contact Form 7 (CVE-2024-12255) , Dec 13, 2024
Accept Stripe Payments Using Contact Form 7 (CVE-2025-53309) , Jul 03, 2025
New vulnerability
MyRewards – Loyalty Points and Rewards for WooCommerce – Reward orders, referrals, product reviews and more (CVE-2025-24757) , Jul 06, 2025
File Manager (CVE-2025-27358) , Jul 06, 2025
Booking Calendar Contact Form (CVE-2025-48231) , Jul 06, 2025
NGG Smart Image Search (CVE-2025-52832) , Jul 05, 2025
(Simply) Guest Author Name (CVE-2025-24764) , Jul 05, 2025