Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:phoenix_media_rename_project:phoenix_media_rename:1.3.2:*:*:*:*:wordpress:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2021-24816 |
The Phoenix Media Rename WordPress plugin before 3.4.4 does not have capability checks in its phoenix_media_rename AJAX action, which could allow users with Author roles to rename any uploaded media files, including ones they do not own. Published: November 08, 2021; 1:15:10 PM -0500 |
V4.0:(not available) V3.1: 4.3 MEDIUM V2.0: 4.0 MEDIUM |