Cross-site scripting (XSS) vulnerability in tpls/editmedia.php in the Hot Files: File Sharing and Download Manager (wphotfiles) plugin 1.0.0 and previous versions for WordPress allows remote malicious users to inject arbitrary web script or HTML via the mediaid parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hot files\\ file sharing and download manager project hot_files\\ |