Vulnerability Description
In the "Media from FTP" plugin before 9.85 for WordPress, Directory Traversal exists via the searchdir parameter to the wp-admin/admin.php?page=mediafromftp-search-register URI.
CVSS Score
6.5
MEDIUM
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Media From Ftp Project | Media From Ftp | < 9.85 |
Related Weaknesses (CWE)
References
- https://github.com/d4wner/Vulnerabilities-Report/blob/master/media-from-ftp.mdExploitThird Party Advisory
- https://wordpress.org/plugins/media-from-ftp/#developersProductRelease Notes
- https://wordpress.org/support/topic/any-directory-traversal-bugs-at-the-latest-vBroken Link
- https://github.com/d4wner/Vulnerabilities-Report/blob/master/media-from-ftp.mdExploitThird Party Advisory
- https://wordpress.org/plugins/media-from-ftp/#developersProductRelease Notes
- https://wordpress.org/support/topic/any-directory-traversal-bugs-at-the-latest-vBroken Link
FAQ
What is CVE-2018-5310?
CVE-2018-5310 is a vulnerability with a CVSS score of 6.5 (MEDIUM). In the "Media from FTP" plugin before 9.85 for WordPress, Directory Traversal exists via the searchdir parameter to the wp-admin/admin.php?page=mediafromftp-search-register URI.
How severe is CVE-2018-5310?
CVE-2018-5310 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-5310?
Check the references section above for vendor advisories and patch information. Affected products include: Media From Ftp Project Media From Ftp.