The vulnerability arises from a missing object‑level authorization check in the handle_folders_file_upload() function of the Folders WordPress plugin. It allows authenticated users who hold Author or higher roles to replace any media file in the WordPress Media Library, potentially modifying or deleting valuable content without the site owner's consent. This defect does not grant remote code execution or elevate privileges beyond the existing authenticated user.

The affected product is the Folders – Unlimited Folders to Organize Media Library plugin for WordPress. All released versions up to and including 3.1.5 are impacted. Any WordPress installation running those versions of the plugin with an authenticated user who has Author or higher role is susceptible.

The CVSS score of 4.3 indicates moderate severity, reflecting that the attack requires legitimate author credentials and does not compromise systems beyond the user's existing permissions. The EPSS score of less than 1% shows a low probability of widespread exploitation at this time, and the vulnerability is not listed in the CISA KEV catalog. Nonetheless, because the defect permits direct alteration of media files, it is a significant risk to the integrity and trustworthiness of the site’s content. The likely attack vector involves a legitimate author account that has been compromised or misused to upload a malicious replacement file.