Media File Manager Project Media File Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Media File Manager Project Media File Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2018-19041 — CVSS 6.1 (medium): The Media File Manager plugin 1.4.2 for WordPress allows XSS via the dir parameter of an mrelocator_getdir action to the…
CVE-2018-19040 — CVSS 5.3 (medium): The Media File Manager plugin 1.4.2 for WordPress allows directory listing via a ../ directory traversal in the dir parameter of an…
CVE-2018-19042 — CVSS 5.3 (medium): The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file movement via a ../ directory traversal in the dir_from and dir_to…
CVE-2018-19043 — CVSS 5.3 (medium): The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file renaming (specifying a "from" and "to" filename) via a ../…