security.nuyts.tech
CVE-2018-19043 – NuytsTech Security
The Media File Manager plugin 1.4.2 for WordPress allows arbitrary file renaming (specifying a "from" and "to" filename) via a ../ directory
