WordPress security issue related to file manager plugin
I had installed two WordPress sites on same DigitalOcean server (Ubuntu + Nginx + Mariadb + php-fpm).
Now problem is that file manager plugin installed on one WordPress site can read and edit files of another site.
Example: Plugin of WordPress at /var/www/html and edit files of /var/www/html2
Is there any way to restrict access of file manager plugin of one WordPress to installation_folder of that WordPress only?
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.×