Cyber Resilience

CVE-2023-6825

Critical

Published: 13 March 2024

Modified: 08 April 2026
KEV Added: not listed
Patch: available
CVSS v3.1 score: 9.9 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H)
EPSS score: 0.7551 (98.9th percentile)
Risk priority: 65 (weighted 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2023-6825 is a critical-severity Relative Path Traversal (CWE-23) vulnerability in Mndpsingh287 File Manager. Its CVSS base score is 9.9 (Critical).

Operationally, it ranks in the top 1.1% of CVEs by exploit likelihood (EPSS), but it is not currently listed in the CISA KEV catalog.

Deeper analysis

The File Manager and File Manager Pro plugins for WordPress are vulnerable to directory traversal in the mk_file_folder_manager_action_callback_shortcode function via the target parameter. This affects the free version through 7.2.1 and the Pro version through 8.3.4, allowing attackers to read arbitrary server files and upload content outside the intended directory. The issues map to CWE-22 and CWE-23 and carry a CVSS 3.1 score of 9.9.

In the free edition the flaw requires an administrator account, while the Pro edition permits the file manager to be exposed through shortcodes and lets administrators delegate file-handling rights to lower-privileged roles, enabling those users to perform the same actions. Successful exploitation can disclose sensitive configuration or credential data and permit arbitrary file writes on the server.

Public advisories from Wordfence and the WordPress plugin repository document the issue and point to patched releases; the referenced changesets show remediation commits that address the traversal logic. The associated EPSS score sits at 0.7551 with a recorded peak of 0.7559.

Vulnerability details

The File Manager and File Manager Pro plugins for WordPress are vulnerable to Directory Traversal in versions up to, and including, version 7.2.1 (free version) and 8.3.4 (Pro version) via the target parameter in the mk_file_folder_manager_action_callback_shortcode function. This makes it possible for attackers to read the contents of arbitrary files on the server, which can contain sensitive information, and to upload files into directories other than the intended directory for file uploads. The free version requires Administrator access for this vulnerability to be exploitable. The Pro version allows a file manager to be embedded via a shortcode and also allows admins to grant file handling privileges to other user levels, which could lead to this vulnerability being exploited by lower-level users.

CWE(s): CWE-22 (Path Traversal), CWE-23 (Relative Path Traversal)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

mndpsingh287 File Manager (free): ≤ 7.2.1
mndpsingh287 File Manager Pro: ≤ 8.3.4

Mitigating Controls

Likely Mitigating Controls (AI-derived)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Addresses CWE-22: validates pathnames and filenames to prevent traversal outside intended directories.
