PT-2026-51479 · Undefined · Undefined

Alexander Jurkschat

Published

2026-06-23

Updated

2026-06-23

CVE-2026-8379

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly enforce its nonce check on the file download handler, allowing unauthenticated attackers to download files uploaded by any user through the Frontend File Manager Plugin WordPress plugin through 23.6 by iterating identifiers.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-8379

Affected Products

Undefined

PT-2026-51479 · Undefined · Undefined

CVE-2026-8379

Related Identifiers

Affected Products

References · 2