cleantalk
Vulnerabilities and Security Researches

Frontend File Manager Plugin, CVE-2025-27358

CVE, Research URL

CVE-2025-27358

Home page URL

Security reports for Frontend File Manager Plugin

Application

Frontend File Manager Plugin

Published on
Jul 04, 2025
Research Description
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in mndpsingh287 Frontend File Manager allows Code Injection. This issue affects Frontend File Manager: from n/a through 23.2.
Affected versions
Min -, max 23.2.
Status
vulnerable
Previous vulnerability researches
MaxGalleria (CVE-2024-3581) , Jun 06, 2024
MaxGalleria (CVE-2022-25603) , Jun 06, 2024
MaxGalleria (CVE-2024-5970) , Jun 20, 2024
New vulnerability
The E-Commerce ERP: Purchasing, Inventory, Fulfillment, Manufacturing, BOM, Accounting, Sales Analysis (CVE-2025-52836) , Jul 15, 2025
Strong Testimonials (CVE-2025-7367) , Jul 15, 2025
Companion Auto Update (CVE-2025-4369) , Jul 15, 2025
Restrict File Access (CVE-2025-7667) , Jul 15, 2025
Product XML Feed Manager for WooCommerce – Google Shopping, Social Sites, Skroutz & More (CVE-2025-30959) , Jul 15, 2025