Unrated severityNVD Advisory· Published Oct 4, 2021· Updated Apr 28, 2026
WordPress Media File Renamer – Auto & Manual Rename plugin <= 5.1.9 - Cross-Site Request Forgery (CSRF) vulnerability
CVE-2021-36850
Description
Cross-Site Request Forgery (CSRF) vulnerability in WordPress Media File Renamer – Auto & Manual Rename plugin (versions <= 5.1.9). Affected parameters "post_title", "filename", "lock". This allows changing the uploaded media title, media file name, and media locking state.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=5.1.9
- Meow Apps/Media File Renamer – Auto & Manual Rename (WordPress plugin)v5Range: <= 5.1.9
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.