cleantalk
Vulnerabilities and Security Researches

File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager, CVE-2021-32682

CVE, Research URL

CVE-2021-32682

Home page URL

Security reports for File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager

Application

File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager

Published on
Jun 14, 2021
Research Description
elFinder is an open-source file manager for web, written in JavaScript using jQuery UI. Several vulnerabilities affect elFinder 2.1.58. These vulnerabilities can allow an attacker to execute arbitrary code and commands on the server hosting the elFinder PHP connector, even with minimal configuration. The issues were patched in version 2.1.59. As a workaround, ensure the connector is not exposed without authentication.
Affected versions
max 5.2.3.
Status
vulnerable
Previous vulnerability researches
File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager (CVE-2024-8743) , Oct 06, 2024
File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager (CVE-2024-7770) , Sep 11, 2024
File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager (CVE-2025-1725) , Jun 03, 2025
File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager (CVE-2024-7627) , Sep 05, 2024
File Manager – 100% Free & Open Source File Manager Plugin for WordPress | Bit File Manager (CVE-2023-5907) , Jun 07, 2024
New vulnerability
OOPSpam Anti-Spam (CVE-2026-32544) , Mar 31, 2026
NotificationX – Best FOMO, Social Proof, WooCommerce Sales Popup & Notification Bar Plugin With Elementor (CVE-2026-27042) , Mar 31, 2026
The Conference (CVE-2026-32335) , Mar 31, 2026
WP Booking System – Booking Calendar (CVE-2025-68515) , Mar 31, 2026
UPI QR Code Payment Gateway for WooCommerce (CVE-2025-67969) , Mar 31, 2026