Vulnerability CVE-2023-4019
Published: 2023-09-04

Description:
The Media from FTP WordPress plugin before 11.17 does not properly limit who can use the plugin, which may allow users with author+ privileges to move files around, like wp-config.php, which may lead to RCE in some cases.

Type:

CWE-863

 (Incorrect Authorization)

 References:
https://wpscan.com/vulnerability/0d323b07-c6e7-4aba-85bc-64659ad0c85d
Copyright 2026, cxsecurity.com

 

Back to Top