Medium severity5.3NVD Advisory· Published Jan 31, 2019· Updated Jun 17, 2026
CVE-2018-19040
CVE-2018-19040
Description
The Media File Manager plugin 1.4.2 for WordPress allows directory listing via a ../ directory traversal in the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=1.4.2+ 1 more
- (no CPE)range: <=1.4.2
- (no CPE)range: <=1.4.2
Patches
Vulnerability mechanics
References
1- www.exploit-db.com/exploits/45809/nvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.