Vulnerability Details CVE-2019-9618
The GraceMedia Media Player plugin 1.0 for WordPress allows Local File Inclusion via the "cfg" parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.808
EPSS Ranking 99.1%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://seclists.org/fulldisclosure/2019/Mar/26
- http://seclists.org/fulldisclosure/2019/Mar/32
- https://wordpress.org/plugins/gracemedia-media-player/#developers
- https://wpvulndb.com/vulnerabilities/9234
- http://seclists.org/fulldisclosure/2019/Mar/26
- http://seclists.org/fulldisclosure/2019/Mar/32
- https://wordpress.org/plugins/gracemedia-media-player/#developers
- https://wpvulndb.com/vulnerabilities/9234
Products affected by CVE-2019-9618
-
cpe:2.3:a:gracemedia_media_player_project:gracemedia_media_player:1.0