WordPress Media File Renamer Plugin <= 1.7.0 - Multiple XSS

Because of these vulnerabilities, authenticated users with permissions to add media or edit media can inject arbitrary web script or HTML via unspecified parameters, as demonstrated by the title of an uploaded file.

Solution

           Update the plugin.