CVE-2020-25213βWordPress File Manager Plugin Remote Code Execution Vulnerability
PUBLISHEDvulnerability record
2021-11-03 Β· last modified June 21, 2025
Metadata
Vulnerability Name
WordPress File Manager Plugin Remote Code Execution Vulnerability
Description
WordPress File Manager plugin contains a remote code execution vulnerability that allows unauthenticated users to execute PHP code and upload malicious files on a target site.
Known To Be Used in Ransomware Campaigns?
Action
Apply updates per vendor instructions.