WordPress security issue related to file manager plugin


I had installed two WordPress sites on same vultr server (Ubuntu + Nginx +Mariadb + php-fpm).



Now problem is that file manager plugin installed on one WordPress site can read and edit files of another site.

Example: Plugin of WordPress at /var/www/html and edit files of /var/www/html2

Is there any way to restrict access of file manager plugin of one WordPress to installation_folder of that WordPress only?


Sign In or Register to comment.