Bit File Manager – 100% Free & Open Source File Manager And Code Editor For Wordpress
Approved changes feed: RSS · Atom
cpe:2.3:a:bitpressadmin:bit_file_manager_–_100%_free_&_open_source_file_manager_and_code_editor_for_wordpress:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Bitpressadmin (6145715e-8d5d-56ce-b3e4-03c497ba25bd) |
|---|---|
| Product | Bit File Manager – 100% Free & Open Source File Manager And Code Editor For Wordpress (4678fd7d-4ebb-50e0-8839-45c68c9e0a60) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-7627 |
vulnerable | 2026-06-08 06:58:22.884160 |
Bit File Manager 6.0 - 6.5.5 - Unauthenticated Remote Code Execution via Race Condition
HIGH (8.1)
The Bit File Manager plugin for WordPress is vulnerable to Remote Code Execution in versions 6.0 to 6.5.5 via the 'checkSyntax' function. This is due to writing a temporary file to a publicly accessible directory before performing file validation. This makes it possible for unauthenticated attackers to execute code on the server if an administrator has allowed Guest User read permissions.
Published: 2024-09-05T02:04:24.643Z
Updated: 2024-09-05T13:32:49.769Z Reference links
|
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.