CVE-2023-32095 – WordPress Rename Media Files Plugin <= 1.0.1 is vulnerable to Remote Code Execution (RCE)

https://notcve.org/view.php?id=CVE-2023-32095

07 Nov 2023 — Improper Control of Generation of Code ('Code Injection') vulnerability in Milan Dinić Rename Media Files.This issue affects Rename Media Files: from n/a through 1.0.1. Vulnerabilidad de control inadecuado de generación de código ("inyección de código") en Milan Dini? Rename Media Files. Este problema afecta a Rename Media Files: desde n/a hasta 1.0.1. The Rename Media Files plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 1.0.1. • https://patchstack.com/database/vulnerability/rename-media-files/wordpress-rename-media-files-plugin-1-0-1-remote-code-execution-rce-vulnerability?_s_id=cve • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') CWE-94: Improper Control of Generation of Code ('Code Injection') •