Cybersecurity Alerts

Actively Exploited Vulnerabilities

← Back to Cybersecurity Alerts

CVE-2020-25213

WordPress | File Manager PluginAdded 2021-11-03Remediation Deadline 2022-05-03

WordPress File Manager Plugin Remote Code Execution Vulnerability

WordPress File Manager plugin contains a remote code execution vulnerability that allows unauthenticated users to execute PHP code and upload malicious files on a target site.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-434

References