Is CVE-2020-25213 in the CISA Known Exploited Vulnerabilities catalog?

Yes — CVE-2020-25213 is listed in CISA KEV, remediation due 2022-05-03.

Which frameworks does CVE-2020-25213 affect?

CVE-2020-25213 affects WordPress.

CISA Known Exploited Vulnerability

CVE-2020-25213

WordPress File Manager plugin contains a remote code execution vulnerability that allows unauthenticated users to execute PHP code and upload malicious files on a target site.

⚠ Actively exploited (CISA KEV) WordPress 2020

CISA catalog entry

Product

File Manager Plugin

Vendor

WordPress

Added to KEV

2021-11-03

Remediation due

2022-05-03

CVE-2020-25213 is tracked in the CISA Known Exploited Vulnerabilities catalog. WebPulse monitors it as part of its framework security intelligence.

View CVE-2020-25213 on the NIST National Vulnerability Database →

Related vulnerabilities

CVE-2026-8206 CVE-2026-8181 CVE-2026-3844 CVE-2026-10795 CVE-2026-4020 CVE-2026-1293 CVE-2026-8732 CVE-2026-4798