WPIDE – File Manager & Code Editor, PSC-2026-64652
- PSC, Research URL
- Application
- Published on
- Apr 28, 2026
- Research Description
- File manager and code editor plugins operate on one of the most security-critical boundaries in WordPress because they provide direct access to site files, plugin and theme code, uploaded assets, archive operations, and in some cases filesystem-level modification workflows from inside wp-admin. A weakness in this class of plugin can lead to arbitrary file upload, unauthorized file read or deletion, stored XSS through file metadata or previews, privilege escalation, remote code execution, or full site compromise if attackers gain access to unsafe file editing paths. WPIDE – File Manager & Code Editor version 3.5.6 has successfully completed the CleanTalk Plugin Security Certification process and received PSC-2026-64652, confirming that the plugin was reviewed from a secure code perspective with attention to the most common exploitation paths for WordPress file manager, code editor, archive handling, and filesystem administration plugins.
- Affected versions
-
Min 3.5.6, max 3.5.6.
- Status
-
SAFE & CERTIFIED