CVE-2026-5337 - Frontend File Manager Plugin <= 23.6 - Subscriber+ Arbitrary Download Access via IDOR
CVE ID :CVE-2026-5337 Published : May 3, 2026, 7:16 a.m. | 52 minutes ago Description :During the analysis, it was identified that authenticated attackers with Subscriber-level access or higher are able to perform an Insecure Direct Object Reference (IDOR) attack. This vulnerability exists bec
ORIGINAL SOURCE →via CVE Feed Latest
ADVERTISEMENT
⚡ STAY AHEAD
Events like this, convergence-verified across 689 sources, land in your inbox every Sunday. Free.
GET THE SUNDAY BRIEFING →RELATED · cyber
- [CYBER] CVE-2026-7689 - Dolibarr ERP CRM Online Signature security.lib.php dol_verifyHash signature verification
- [CYBER] CVE-2026-7687 - langflow-ai langflow Full Builtins code_parser.py CodeParser.parse_callable_details command injection
- [CYBER] CVE-2026-7688 - Dolibarr ERP CRM Shipments API Endpoint expedition.class.php _checkValForAPI sql injection
- [CYBER] Fear disappears the moment you do your first deploy
- [CYBER] SOC Analyst (Tier 1)
- [CYBER] Week in review: High-severity LPE vulnerability in the Linux kernel, cPanel 0-day exploited for months