Authenticated Directory Traversal vulnerability found by wpl0v3r in WordPress Media from FTP plugin (versions <=9.84). Vulnerable via exists via the “searchdir” parameter to the wp-admin/admin.php?page=mediafromftp-search-register URI.
Update the WordPress Media from FTP plugin to the latest available version (at least 9.85).
CPE | Name | Operator | Version |
---|---|---|---|
media from ftp | le | 9.84 |