Media Sync
Monthly
Path traversal in the Media Sync WordPress plugin (versions ≤1.4.9) enables authenticated attackers with Author-level access or above to read arbitrary files outside the intended uploads directory by injecting traversal sequences into the 'sub_dir' and 'media_items' parameters. The CVSS vector (C:H/I:N/A:N) confirms the impact is limited to confidentiality - file read only, with no write or deletion capability indicated. No public exploit has been identified at time of analysis, and CISA SSVC rates current exploitation as none with partial technical impact, consistent with the low EPSS probability of 0.45%.
Path traversal in the Media Sync WordPress plugin (versions ≤1.4.9) enables authenticated attackers with Author-level access or above to read arbitrary files outside the intended uploads directory by injecting traversal sequences into the 'sub_dir' and 'media_items' parameters. The CVSS vector (C:H/I:N/A:N) confirms the impact is limited to confidentiality - file read only, with no write or deletion capability indicated. No public exploit has been identified at time of analysis, and CISA SSVC rates current exploitation as none with partial technical impact, consistent with the low EPSS probability of 0.45%.