WordPress is a set of blogging platforms developed using the PHP language by the WordPress (Wordpress) Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL.A directory traversal vulnerability exists in version 1.0.1 of the Media File Organizer plugin for WordPress, which stems from the failure of the WordPress media file manager to properly filter special elements in resource or file paths. An attacker could use this vulnerability to access files stored outside the web root folder via the items[] parameter in the move operation.
CPE | Name | Operator | Version |
---|---|---|---|
wordpress wordpress media file organizer | eq | 1.0.1 |