1 results (0.002 seconds)
CVSS: 6.6EPSS: %CPEs: 1EXPL: 0
CVE-2023-50897 – Media File Renamer <= 5.7.7 - Authenticated(Administrator+) Remote Code Execution
https://notcve.org/view.php?id=CVE-2023-50897
The Media File Renamer: Rename Files (Manual, Auto & AI) plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 5.7.7. This makes it possible for authenticated attackers, with administrator access and above, to execute code on the server by renaming files containing PHP code. • CWE-73: External Control of File Name or Path •