The Media from FTP Plugin for WordPress has a security problem in versions up to 9.84. It can be used by people without authentication to see sensitive information stored on the server. This is done by using the searchdir parameter in the wp-admin/admin.php?page=mediafromftp-search-register URI.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
