Filtered by vendor Riverforest-wp Subscriptions
Filtered by product Media From Ftp Subscriptions
Total 1 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-4019 1 Riverforest-wp 1 Media From Ftp 2024-08-02 8.8 High
The Media from FTP WordPress plugin before 11.17 does not properly limit who can use the plugin, which may allow users with author+ privileges to move files around, like wp-config.php, which may lead to RCE in some cases.