CVE-2025-13382

Sažetak

The Frontend File Manager Plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 23.4. This is due to the plugin not validating file ownership before processing file rename requests in the '/wpfm/v1/file-rename' REST API endpoint. This makes it possible for authenticated attackers, with Subscriber-level access and above, to rename files uploaded by other users via the 'fileid' parameter.

Reference

https://plugins.trac.wordpress.org/browser/nmedia-user-file-uploader/tags/23.4/inc/classes/class.rest.php#L20
https://plugins.trac.wordpress.org/browser/nmedia-user-file-uploader/tags/23.4/inc/classes/class.rest.php#L52
https://www.wordfence.com/threat-intel/vulnerabilities/id/aa8d5feb-2ae9-44b8-90b5-9fc67226855a?source=cve

CVSS

Base:	4.3
Impact:	1.4
Exploitability:	2.8

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	LOW	NONE

CVSS vektor

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Zadnje važnije ažuriranje

25-11-2025 - 22:16

Objavljeno

25-11-2025 - 08:15