← ExploitWatch
HomeExploited Vulnerabilities

CVE-2020-25213 — Actively Exploited: File Manager Plugin (WordPress)

WordPress File Manager plugin contains a remote code execution vulnerability that allows unauthenticated users to execute PHP code and upload malicious files on a target site.

CVE IDCVE-2020-25213
VendorWordPress
ProductFile Manager Plugin
Vulnerability nameWordPress File Manager Plugin Remote Code Execution Vulnerability
Date added2021-11-03
Remediation due2022-05-03
Known ransomware useUnknown
Required actionApply updates per vendor instructions.
DescriptionWordPress File Manager plugin contains a remote code execution vulnerability that allows unauthenticated users to execute PHP code and upload malicious files on a target site.
SourceCISA Known Exploited Vulnerabilities

🔍 Search all exploited vulnerabilities →