CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-44991 – WordPress Media File Renamer Plugin <= 5.6.9 is vulnerable to Sensitive Data Exposure
https://notcve.org/view.php?id=CVE-2023-44991
28 Nov 2023 — Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Media File Renamer: Rename Files (Manual, Auto & AI).This issue affects Media File Renamer: Rename Files (Manual, Auto & AI): from n/a through 5.6.9. Exposición de información confidencial a una vulnerabilidad de actor no autorizado en Jordy Meow Media File Renamer: Rename Files (Manual, Auto & AI). Este problema afecta a Media File Renamer: Rename Files (Manual, Auto & AI): desde n/a hasta 5.6. 9. The Media File ... • https://patchstack.com/database/vulnerability/media-file-renamer/wordpress-media-file-renamer-plugin-5-6-9-sensitive-data-exposure-via-debug-log-vulnerability?_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-36850 – WordPress Media File Renamer – Auto & Manual Rename plugin <= 5.1.9 - Cross-Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2021-36850
08 Apr 2021 — Cross-Site Request Forgery (CSRF) vulnerability in WordPress Media File Renamer – Auto & Manual Rename plugin (versions <= 5.1.9). Affected parameters "post_title", "filename", "lock". This allows changing the uploaded media title, media file name, and media locking state. Una vulnerabilidad de tipo Cross-Site Request Forgery (CSRF) en el plugin Media File Renamer - Auto & Manual Rename de WordPress (versiones versions anteriores a 5.1.9 incluyéndola). Parámetros afectados "post_title", "filename", "loc... • https://patchstack.com/database/vulnerability/media-file-renamer/wordpress-media-file-renamer-plugin-5-1-9-multiple-cross-site-request-forgery-csrf-vulnerabilities • CWE-352: Cross-Site Request Forgery (CSRF) •