The Media from FTP WordPress plugin before 11.17 does not properly limit who can use the plugin, which may allow users with author+ privileges to move files around, like wp-config.php, which may lead to RCE in some cases.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2023-09-04T11:27:02.512Z
Updated: 2024-08-02T07:17:11.565Z
Reserved: 2023-07-31T14:45:28.127Z
Link: CVE-2023-4019
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-09-04T12:15:10.037
Modified: 2023-11-07T04:22:03.283
Link: CVE-2023-4019
Redhat
No data.