Medium severity6.1NVD Advisory· Published Jan 31, 2019· Updated Jun 17, 2026
CVE-2018-19041
CVE-2018-19041
Description
The Media File Manager plugin 1.4.2 for WordPress allows XSS via the dir parameter of an mrelocator_getdir action to the wp-admin/admin-ajax.php URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= 1.4.2+ 1 more
- (no CPE)range: = 1.4.2
- (no CPE)range: <=1.4.2
Patches
Vulnerability mechanics
References
1- www.exploit-db.com/exploits/45809/nvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.