CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-4019

The Media from FTP WordPress plugin before 11.17 does not properly limit who can use the plugin, which may allow users with author+ privileges to move files around, like wp-config.php, which may lead to RCE in some cases.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 56.1%

CVSS Severity

CVSS v3 Score 8.8

References

https://wpscan.com/vulnerability/0d323b07-c6e7-4aba-85bc-64659ad0c85d
https://wpscan.com/vulnerability/0d323b07-c6e7-4aba-85bc-64659ad0c85d

Products affected by CVE-2023-4019

Riverforest-Wp » Media From Ftp » Version: N/A

cpe:2.3:a:riverforest-wp:media_from_ftp:-
Riverforest-Wp » Media From Ftp » Version: 11.15

cpe:2.3:a:riverforest-wp:media_from_ftp:11.15
Riverforest-Wp » Media From Ftp » Version: 11.16

cpe:2.3:a:riverforest-wp:media_from_ftp:11.16

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-4019

Products

Pricing

Contact Us