File Manager — Vulnerabilities & Security Advisories 11

All 11 CVE vulnerabilities found in File Manager, with AI-generated Chinese analysis, references, and POCs.

Vendor: Unknown

CVE ID	Title	CVSS	Severity	Paused
CVE-2025-1725	Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress <= 6.7 - Authenticated (Subscriber+) Stored Cross-Site Scripting via SVG File Uploads CWE-434	6.4	Medium	2025-06-03
CVE-2024-37254	WordPress WP File Manager plugin <= 7.2.7 - Broken Access Control vulnerability CWE-862	4.3	Medium	2024-11-01
CVE-2018-25105	File Manager <= 3.0 - Unauthenticated Arbitrary File Upload/Download CWE-862	9.8	Critical	2024-10-16
CVE-2024-8743	Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress <= 6.5.7 - Authenticated (Subscriber+) Limited JavaScript File Upload CWE-434	6.8	Medium	2024-10-05
CVE-2024-7770	Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress <= 6.5.5 - Authenticated (Subscriber+) Arbitrary File Upload CWE-434	8.8	High	2024-09-10
CVE-2024-2654	File Manager <= 7.2.5 - Authenticated (Administrator+) Directory Traversal CWE-35	6.8	Medium	2024-04-09
CVE-2024-1538	File Manager <= 7.2.4 - Cross-Site Request Forgery to Local JS File Inclusion CWE-352	8.8	High	2024-03-21
CVE-2023-6825	File Manager And File Manager Pro (Multiple Versions) - Directory Traversal CWE-23	9.9	Critical	2024-03-13
CVE-2024-0761	File Manager <= 7.2.1 - Sensitive Information Exposure via Backup Filenames CWE-330	8.1	High	2024-02-05
CVE-2023-5907	File Manager < 6.3 - Admin+ Arbitrary OS File/Folder Access + Path Traversal	6.5^AI	Medium^AI	2023-12-11
CVE-2021-24177	WP File Manager < 7.1 - Reflected Cross-Site Scripting (XSS) CWE-79	5.4	-	2021-04-05

All 11 known CVE vulnerabilities affecting File Manager with full Chinese analysis, references, and POCs where available.