cleantalk
Vulnerabilities and Security Researches

File Manager, CVE-2025-27358

CVE, Research URL

CVE-2025-27358

Home page URL

Security reports for File Manager

Application

File Manager

Published on
Jul 04, 2025
Research Description
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in mndpsingh287 Frontend File Manager allows Code Injection. This issue affects Frontend File Manager: from n/a through 23.2.
Affected versions
Min -, max 23.2.
Status
vulnerable
Previous vulnerability researches
qTranslate X Cleanup and WPML Import (CVE-2023-29431) , Jun 10, 2024
qTranslate X Cleanup and WPML Import (3c61cc8784ba3fb4275d8a966376f27f2f15796d) , Jun 06, 2024
New vulnerability
Easy Elements Hider (CVE-2025-28971) , Jul 07, 2025
fluXtore Funnel Builder for WordPress – Earn More with Highly Converting Sales Funnels (CVE-2025-30929) , Jul 07, 2025
WC Pickup Store (CVE-2025-47634) , Jul 07, 2025
MF Plus WPML (CVE-2025-49431) , Jul 07, 2025
Cool fade popup (CVE-2025-30947) , Jul 07, 2025