cleantalk
Vulnerabilities and Security Researches

File Manager Pro – Filester, CVE-2023-4861

CVE, Research URL

CVE-2023-4861

Home page URL

Security reports for File Manager Pro – Filester

Application

File Manager Pro – Filester

Published on
Oct 17, 2023
Research Description
The File Manager Pro WordPress plugin before 1.8.1 allows admin users to upload arbitrary files, even in environments where such a user should not be able to gain full control of the server, such as a multisite installation. This leads to remote code execution.
Affected versions
Min -, max 1.8.1.
Status
vulnerable
Previous vulnerability researches
File Manager Pro – Filester (CVE-2023-4861) , Jun 07, 2024
File Manager Pro – Filester (CVE-2023-4827) , Jun 07, 2024
File Manager Pro – Filester (CVE-2023-4862) , Jun 07, 2024
File Manager Pro – Filester (CVE-2025-52710) , Jul 03, 2025
File Manager Pro – Filester (CVE-2025-3234) , Jun 14, 2025
New vulnerability
IS-theme-companion (CVE-2025-53277) , Jul 04, 2025
Lead Form Data Collection to CRM (CVE-2025-5692) , Jul 04, 2025
Drive Folder Embedder (CVE-2025-6546) , Jul 04, 2025
WP Roadmap – Product Feedback Board (CVE-2025-52822) , Jul 04, 2025
WP Wall (CVE-2025-28968) , Jul 04, 2025