PT-2024-15101 · WordPress · File Manager Pro, File Manager

Kun_19 (+1) · Published 2024-03-04 · Updated 2026-04-09 · CVE-2023-6825

CVSS v3.1: 9.9 Critical
Vector: AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
File Manager versions up to 7.2.1
File Manager Pro versions up to 8.3.4
Description
The File Manager and File Manager Pro plugins for WordPress are vulnerable to Directory Traversal via the 'target' parameter in the mk_file_folder_manager_action_callback_shortcode function. This allows attackers to read the contents of arbitrary files on the server, which can contain sensitive information, and to upload files into directories other than the intended upload directory. In the free version, exploitation requires Administrator access; the Pro version allows the file manager to be embedded via a shortcode and lets administrators grant file handling privileges to other user roles, so lower-privileged users may be able to exploit it. Over a million WordPress sites are potentially exposed to this flaw.
Recommendations
For File Manager versions up to 7.2.1, update to a version later than 7.2.1. For File Manager Pro versions up to 8.3.4, update to a version later than 8.3.4. As a temporary workaround, restrict access to the mk_file_folder_manager_action_callback_shortcode function and limit file handling privileges to only the user roles that need them.

Fix

Weakness Enumeration
Path traversal
Relative Path Traversal


Related Identifiers
CVE-2023-6825

Affected Products
File Manager
File Manager Pro