CVE-2018-5310 – Media from FTP Plugin < 9.85 - Directory Traversal
https://notcve.org/view.php?id=CVE-2018-5310
In the "Media from FTP" plugin before 9.85 for WordPress, Directory Traversal exists via the searchdir parameter to the wp-admin/admin.php?page=mediafromftp-search-register URI. En el plugin "Media from FTP" en versiones anteriores a la 9.85 para WordPress, existe salto de directorio mediante el parámetro searchdir en el URI wp-admin/admin.php?page=mediafromftp-search-register. The Media from FTP Plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 9.84 via the searchdir parameter to the wp-admin/admin.php? • https://github.com/d4wner/Vulnerabilities-Report/blob/master/media-from-ftp.md https://wordpress.org/plugins/media-from-ftp/#developers https://wordpress.org/support/topic/any-directory-traversal-bugs-at-the-latest-version-of-media-from-ftp • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •