What the vulnerability does
01Description
Unrestricted Upload of File with Dangerous Type vulnerability in Meow Apps Media File Renamer allows Using Malicious Files.This issue affects Media File Renamer: from n/a through 5.7.7.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
What the vulnerability does
Unrestricted Upload of File with Dangerous Type vulnerability in Meow Apps Media File Renamer allows Using Malicious Files.This issue affects Media File Renamer: from n/a through 5.7.7.
Explanation of Vulnerability in Simple Terms
Media File Renamer versions up to 5.7.7 allow authenticated administrators to upload files without proper validation. An attacker with admin access can upload malicious files that execute on the site, potentially compromising the entire installation. The vulnerability affects file handling across the application due to scope change.
What an attacker can do
Upload and execute malicious files on the site with admin privileges.
Potential impact on your site
A compromised admin account can lead to full site takeover, data theft, or malware installation.
Conditions required to exploit
Attacker must have administrator-level access to the WordPress site.
Key dates
External resources