
cpe:2.3:a:bitpressadmin:bit_file_manager_–_100%_free_&_open_source_file_manager_and_code_editor_for_wordpress:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor: Bitpressadmin (6145715e-8d5d-56ce-b3e4-03c497ba25bd)
Product: Bit File Manager – 100% Free & Open Source File Manager And Code Editor For Wordpress (4678fd7d-4ebb-50e0-8839-45c68c9e0a60)
Edition: *
Language: *
Software edition: *
Target software: *
Target hardware: *
Other: *
Notes: Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL | Source | Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier: CVE:CVE-2024-7627
cpeApplicability: vulnerable
Submitted: 2026-06-08 06:58:22.884160
db.gcve.eu details: Bit File Manager 6.0 - 6.5.5 - Unauthenticated Remote Code Execution via Race Condition
HIGH (8.1)
The Bit File Manager plugin for WordPress is vulnerable to Remote Code Execution in versions 6.0 to 6.5.5 via the 'checkSyntax' function. This is due to writing a temporary file to a publicly accessible directory before performing file validation. This makes it possible for unauthenticated attackers to execute code on the server if an administrator has allowed Guest User read permissions.
Published: 2024-09-05T02:04:24.643Z
Updated: 2024-09-05T13:32:49.769Z
Rationale: Imported from gcve-enriched-dumps CVE data
