Medium severity5.3NVD Advisory· Published Jan 31, 2019· Updated Jun 17, 2026
CVE-2018-19042
CVE-2018-19042
Description
The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file movement via a ../ directory traversal in the dir_from and dir_to parameters of an mrelocator_move action to the wp-admin/admin-ajax.php URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2<=1.4.2+ 1 more
- (no CPE)range: <=1.4.2
- (no CPE)range: = 1.4.2
Patches
Vulnerability mechanics
References
1- www.exploit-db.com/exploits/45809/nvdExploitThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.