CVE-2024-25903
WordPress Frontend File Manager Plugin plugin <= 22.7 - Sensitive Data Exposure vulnerabilityExposure of Sensitive Information to an Unauthorized Actor vulnerability in N-Media Frontend File Manager.This issue affects Frontend File Manager: from n/a through 22.7.
We have discovered 15 live websites that are affected by CVE-2024-25903.
Affected Software
| Product |  Nmedia User File Uploader |
| Category | Wordpress Plugins |
| Vulnerable Domains | 15 live websites (100% of Nmedia User File Uploader install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 1 versions ( 100% of all versions) |
Common Weakness Enumeration
CWE-200 Exposure of Sensitive Information to an Unauthorized ActorDetails
- Published - Mar 17, 2024
- Updated - Aug 1, 2024
Credits
- Joshua Chan (Patchstack Alliance) (finder)
CVE References
CWE References
CWE
Website Distribution by Country
Number of websites using CVE-2024-25903 United States | 6 websites |
 Italy | 2 websites |
 Russia | 2 websites |
 Australia | 1 websites |
 Colombia | 1 websites |
 Greece | 1 websites |
 Netherlands | 1 websites |
 Vietnam | 1 websites |
Website Distribution by TLD
Number of websites using CVE-2024-25903| .com | 5 websites |
| .it | 2 websites |
| .com.au | 1 websites |
| .nl | 1 websites |
| .org | 1 websites |
| .ru | 1 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2024-25903
Top websites that are affected by CVE-2024-25903. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ******.org | United States | *,***,*** | |
| *************.com | United States | *,***,*** | |
| *****.ru | Russia | **,***,*** | |
| ***********.com | United States | **,***,*** | |
| ********.biz | Russia | **,***,*** | |
| ****************.com | United States | **,***,*** | |
| *************.nl | Netherlands | **,***,*** | |
| ***********.***.vn | Vietnam | **,***,*** | |
| **************.com | United States | **,***,*** | |
| ************.com | United States | **,***,*** |
FAQ
CVE-2024-25903 is Exposure of Sensitive Information to an Unauthorized Actor in Nmedia User File Uploader
A total of 15 websites have been identified as vulnerable to CVE-2024-25903, based on global website indexing conducted by WebTechSurvey.
The Nmedia User File Uploader is affected by the CVE-2024-25903 vulnerability.
Nmedia User File Uploader versions up to and including 22.7 are vulnerable to CVE-2024-25903.