ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Media File Manager Plugin <= 1.1.5 - Multiple Vulnerabilities

Product
Media File Manager
Description
Because of multiple vulnerabilities in this plugin, attackers can delete or update posts, creating, removing, listing directories, moving, renaming or deleting files, blind SQL injection and cross site scripting.
Solution
There is no fix at this moment.
Classification
Type Multi
References
Packet Storm Security
CVE
Name CVE-N/A
Versions
Affected In <= 1.1.5
Fixed In 1.1.6
Disclosure date
2015-05-13
Credits
A. Samman