WordPress File Manager plugin version 3.0.1 suffers from a cross site request forgery vulnerability.