A vulnerability was discovered in the Media File Manager plugin version 1.4.2 for WordPress. It allows directory traversal and a remote cross-site scripting (XSS) attack via the dir parameter of the mrelocator_getdir function, which is reachable through the file wp-admin/admin-ajax.php. A working exploit has been disclosed.
The CVE ID assigned to this vulnerability is CVE-2018-19041.
The Media File Manager plugin for WordPress helps to organize the WordPress Media Library. Uploaded files can be renamed, previewed, deleted and moved to other folders. The plugin can be utilized by administrators, authors, contributors and subscribers.
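Because the only fix is removal, the practical defensive question is whether the vulnerable endpoint has already been probed. The following added example (not code from the advisory or the plugin) scans web-server access logs for mrelocator_getdir requests whose dir parameter carries traversal sequences or script markup. The log lines are constructed, and the assumption that the function is selected with an action= query parameter follows the usual wp-admin/admin-ajax.php convention rather than anything stated on this page.

```python
import re
from urllib.parse import urlparse, parse_qs, unquote

# Constructed sample access-log lines (not from the advisory). The
# action=mrelocator_getdir form is an assumption based on how
# admin-ajax.php dispatches handlers, not a value taken from the page.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Nov/2018:10:01:02 +0000] "GET /wp-admin/admin-ajax.php?action=mrelocator_getdir&dir=uploads HTTP/1.1" 200 512
203.0.113.7 - - [10/Nov/2018:10:01:09 +0000] "GET /wp-admin/admin-ajax.php?action=mrelocator_getdir&dir=..%2F..%2F..%2Fetc HTTP/1.1" 200 2048
198.51.100.9 - - [10/Nov/2018:10:02:15 +0000] "GET /wp-admin/admin-ajax.php?action=mrelocator_getdir&dir=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 640
198.51.100.2 - - [10/Nov/2018:10:03:00 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 60
"""

# Common Log Format: client IP, timestamp, request line, status code.
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3})')
# A ".." path segment, with either slash style, anywhere in the value.
TRAVERSAL_RE = re.compile(r'(^|[\\/])\.\.([\\/]|$)')
# Markup that would be reflected into the page by the XSS described above.
XSS_RE = re.compile(r'<\s*script|javascript:|on\w+\s*=', re.IGNORECASE)

def classify_dir(value):
    """Return the findings ("traversal", "xss") for one dir= value."""
    # parse_qs already decoded once; decode again to catch double-encoded payloads.
    decoded = unquote(value)
    findings = []
    if TRAVERSAL_RE.search(decoded):
        findings.append("traversal")
    if XSS_RE.search(decoded):
        findings.append("xss")
    return findings

def scan_log(text):
    """Return (ip, timestamp, dir_value, findings) for suspicious mrelocator_getdir requests."""
    hits = []
    for line in text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # not a parseable request line
        url = urlparse(m.group("target"))
        if not url.path.endswith("/wp-admin/admin-ajax.php"):
            continue
        qs = parse_qs(url.query, keep_blank_values=True)
        if qs.get("action", [""])[0] != "mrelocator_getdir":
            continue  # other AJAX handlers are out of scope here
        for dir_value in qs.get("dir", []):
            findings = classify_dir(dir_value)
            if findings:
                hits.append((m.group("ip"), m.group("ts"), dir_value, findings))
    return hits
```

Run scan_log over the real access log to triage; a hit with a 200 status against an installation that still had the plugin is worth an incident review rather than just removal.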
Mitigation
The plugin has been removed from the WordPress plugin repository. There is currently no known mitigation, and it is recommended that the plugin be permanently deleted from your WordPress installation.