Security for everyone

CVE-2020-24312 Scanner

Detects 'Improper Access Control' vulnerability in WP File Manager affects v. 6.4 and lower.


Short Info



Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

30 sec

Scan only one




WP File Manager is a popular plugin used for managing files and folders within WordPress websites. This plugin provides a user-friendly file management system with a built-in code editor, file compression, and file sharing functionalities. It is a comprehensive tool that simplifies the website maintenance process for developers and site owners.

However, a critical vulnerability, CVE-2020-24312, was recently detected in WP File Manager version 6.4 and lower. This vulnerability allows unauthenticated users to access the fm_backups directory, which contains the site’s backed-up files, including full database backups. This security flaw exposes sensitive information, such as user credentials, payment information, and other confidential data, to malicious actors.

When exploited, the vulnerability could cause significant damage to the targeted website and its users. Hackers can use this access to steal sensitive data, deface websites, or inject malicious code into the site. Additionally, they can leverage this vulnerability to use the website as a source of spam or launch further attacks on other websites.

Therefore, to ensure the safety of your website, it is essential to stay aware of potential security threats and take appropriate measures to safeguard it. With the pro features of the platform, you can easily and quickly learn about vulnerabilities in your digital assets and take proactive steps to mitigate them. Stay secure, and protect your online presence with!



cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture