CVE-2020-25213β€”WordPress File Manager Plugin Remote Code Execution Vulnerability

PUBLISHEDvulnerability record
2021-11-03 Β· last modified June 21, 2025

Metadata

CVE ID:
CVE-2020-25213
Project:
WordPress
Product:
File Manager Plugin
Date Added:
2021-11-03
Due Date:
2022-05-03
Last Updated:
June 21, 2025

Vulnerability Name

WordPress File Manager Plugin Remote Code Execution Vulnerability

Description

WordPress File Manager plugin contains a remote code execution vulnerability that allows unauthenticated users to execute PHP code and upload malicious files on a target site.

Known To Be Used in Ransomware Campaigns?

Ransomware Status:
Unknown

Action

Apply updates per vendor instructions.

Additional Notes

Related Weaknesses