Search

Find a vulnerability

Search criteria

    6 vulnerabilities by katsushi-kawamori

    CVE-2026-2144 (GCVE-0-2026-2144)

    Vulnerability from nvd – Published: 2026-02-14 04:35 – Updated: 2026-04-08 16:57
    VLAI
    Title
    Magic Login Mail or QR Code <= 2.05 - Unauthenticated Privilege Escalation via Insecure QR Code File Storage
    Summary
    The Magic Login Mail or QR Code plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.05. This is due to the plugin storing the magic login QR code image with a predictable, static filename (QR_Code.png) in the publicly accessible WordPress uploads directory during the email sending process. The file is only deleted after wp_mail() completes, creating an exploitable race condition window. This makes it possible for unauthenticated attackers to trigger a login link request for any user, including administrators, and then exploit the race condition between QR code file creation and deletion to obtain the login URL encoded in the QR code, thereby gaining unauthorized access to the targeted user's account.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    katsushi-kawamori Magic Login Mail or QR Code Affected: 0 , ≤ 2.05 (semver)
    Create a notification for this product.
    Credits
    ifoundbug
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2144",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-17T20:38:12.495994Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-17T20:38:42.732Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic Login Mail or QR Code",
              "vendor": "katsushi-kawamori",
              "versions": [
                {
                  "lessThanOrEqual": "2.05",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ifoundbug"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Magic Login Mail or QR Code plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.05. This is due to the plugin storing the magic login QR code image with a predictable, static filename (QR_Code.png) in the publicly accessible WordPress uploads directory during the email sending process. The file is only deleted after wp_mail() completes, creating an exploitable race condition window. This makes it possible for unauthenticated attackers to trigger a login link request for any user, including administrators, and then exploit the race condition between QR code file creation and deletion to obtain the login URL encoded in the QR code, thereby gaining unauthorized access to the targeted user\u0027s account."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:57:42.720Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/65066a17-653b-4444-9bd0-894ea8c1acb1?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/magic-login-mail/trunk/lib/class-magicloginmail.php#L325"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/magic-login-mail/trunk/lib/class-magicloginmail.php#L250"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3460417/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-02-13T16:21:07.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Magic Login Mail or QR Code \u003c= 2.05 - Unauthenticated Privilege Escalation via Insecure QR Code File Storage"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2026-2144",
        "datePublished": "2026-02-14T04:35:40.772Z",
        "dateReserved": "2026-02-07T00:47:48.353Z",
        "dateUpdated": "2026-04-08T16:57:42.720Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-13897 (GCVE-0-2024-13897)

    Vulnerability from nvd – Published: 2025-03-06 08:21 – Updated: 2026-04-08 17:03
    VLAI
    Title
    Moving Media Library <= 1.22 - Authenticated (Administrator+) Directory Traversal to Arbitrary File Deletion
    Summary
    The Moving Media Library plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the generate_json_page function in all versions up to, and including, 1.22. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    katsushi-kawamori Moving Media Library Affected: 0 , ≤ 1.22 (semver)
    Create a notification for this product.
    Credits
    Emil
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-13897",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-06T16:34:51.224220Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-06T16:35:05.552Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Moving Media Library",
              "vendor": "katsushi-kawamori",
              "versions": [
                {
                  "lessThanOrEqual": "1.22",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Emil"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Moving Media Library plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the generate_json_page function in all versions up to, and including, 1.22. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php)."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:03:43.787Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/815ce00b-3753-4c38-8a30-5242a5841734?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/moving-media-library/trunk/lib/class-movingmedialibraryadmin.php#L166"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3244709/moving-media-library/trunk/lib/class-movingmedialibraryadmin.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-03-05T20:19:26.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Moving Media Library \u003c= 1.22 - Authenticated (Administrator+) Directory Traversal to Arbitrary File Deletion"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-13897",
        "datePublished": "2025-03-06T08:21:38.783Z",
        "dateReserved": "2025-02-20T19:20:20.695Z",
        "dateUpdated": "2026-04-08T17:03:43.787Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-12637 (GCVE-0-2024-12637)

    Vulnerability from nvd – Published: 2025-01-17 07:01 – Updated: 2026-04-08 17:03
    VLAI
    Title
    Moving Users <= 1.05 - Unauthenticated Sensitive Information Exposure
    Summary
    The Moving Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.05 via the export functionality. The JSON files are stored in predictable locations with guessable file names when exporting user data. This could allow unauthenticated attackers to extract sensitive user data, for instance, email addresses, hashed passwords, and IP addresses.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    katsushi-kawamori Moving Users Affected: 0 , ≤ 1.05 (semver)
    Create a notification for this product.
    Credits
    Emil
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12637",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-17T13:32:32.449433Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T18:44:10.720Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Moving Users",
              "vendor": "katsushi-kawamori",
              "versions": [
                {
                  "lessThanOrEqual": "1.05",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Emil"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Moving Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.05 via the export functionality. The JSON files are stored in predictable locations with guessable file names when exporting user data. This could allow unauthenticated attackers to extract sensitive user data, for instance, email addresses, hashed passwords, and IP addresses."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:03:52.720Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8209761c-2cfe-49b9-ab4c-49a9a13b5dcf?source=cve"
            },
            {
              "url": "https://wordpress.org/plugins/moving-users/"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3223894%40moving-users\u0026new=3223894%40moving-users\u0026sfp_email=\u0026sfph_mail="
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-01-16T18:23:12.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Moving Users \u003c= 1.05 - Unauthenticated Sensitive Information Exposure"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-12637",
        "datePublished": "2025-01-17T07:01:28.253Z",
        "dateReserved": "2024-12-14T12:40:14.521Z",
        "dateUpdated": "2026-04-08T17:03:52.720Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-2144 (GCVE-0-2026-2144)

    Vulnerability from cvelistv5 – Published: 2026-02-14 04:35 – Updated: 2026-04-08 16:57
    VLAI
    Title
    Magic Login Mail or QR Code <= 2.05 - Unauthenticated Privilege Escalation via Insecure QR Code File Storage
    Summary
    The Magic Login Mail or QR Code plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.05. This is due to the plugin storing the magic login QR code image with a predictable, static filename (QR_Code.png) in the publicly accessible WordPress uploads directory during the email sending process. The file is only deleted after wp_mail() completes, creating an exploitable race condition window. This makes it possible for unauthenticated attackers to trigger a login link request for any user, including administrators, and then exploit the race condition between QR code file creation and deletion to obtain the login URL encoded in the QR code, thereby gaining unauthorized access to the targeted user's account.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-269 - Improper Privilege Management
    Assigner
    Impacted products
    Vendor Product Version
    katsushi-kawamori Magic Login Mail or QR Code Affected: 0 , ≤ 2.05 (semver)
    Create a notification for this product.
    Credits
    ifoundbug
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-2144",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-02-17T20:38:12.495994Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-02-17T20:38:42.732Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Magic Login Mail or QR Code",
              "vendor": "katsushi-kawamori",
              "versions": [
                {
                  "lessThanOrEqual": "2.05",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "ifoundbug"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Magic Login Mail or QR Code plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.05. This is due to the plugin storing the magic login QR code image with a predictable, static filename (QR_Code.png) in the publicly accessible WordPress uploads directory during the email sending process. The file is only deleted after wp_mail() completes, creating an exploitable race condition window. This makes it possible for unauthenticated attackers to trigger a login link request for any user, including administrators, and then exploit the race condition between QR code file creation and deletion to obtain the login URL encoded in the QR code, thereby gaining unauthorized access to the targeted user\u0027s account."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-269",
                  "description": "CWE-269 Improper Privilege Management",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:57:42.720Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/65066a17-653b-4444-9bd0-894ea8c1acb1?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/magic-login-mail/trunk/lib/class-magicloginmail.php#L325"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/magic-login-mail/trunk/lib/class-magicloginmail.php#L250"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3460417/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2026-02-13T16:21:07.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Magic Login Mail or QR Code \u003c= 2.05 - Unauthenticated Privilege Escalation via Insecure QR Code File Storage"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2026-2144",
        "datePublished": "2026-02-14T04:35:40.772Z",
        "dateReserved": "2026-02-07T00:47:48.353Z",
        "dateUpdated": "2026-04-08T16:57:42.720Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-13897 (GCVE-0-2024-13897)

    Vulnerability from cvelistv5 – Published: 2025-03-06 08:21 – Updated: 2026-04-08 17:03
    VLAI
    Title
    Moving Media Library <= 1.22 - Authenticated (Administrator+) Directory Traversal to Arbitrary File Deletion
    Summary
    The Moving Media Library plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the generate_json_page function in all versions up to, and including, 1.22. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
    Assigner
    Impacted products
    Vendor Product Version
    katsushi-kawamori Moving Media Library Affected: 0 , ≤ 1.22 (semver)
    Create a notification for this product.
    Credits
    Emil
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-13897",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-06T16:34:51.224220Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-06T16:35:05.552Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Moving Media Library",
              "vendor": "katsushi-kawamori",
              "versions": [
                {
                  "lessThanOrEqual": "1.22",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Emil"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Moving Media Library plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the generate_json_page function in all versions up to, and including, 1.22. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php)."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 6.5,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-22",
                  "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:03:43.787Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/815ce00b-3753-4c38-8a30-5242a5841734?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/moving-media-library/trunk/lib/class-movingmedialibraryadmin.php#L166"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3244709/moving-media-library/trunk/lib/class-movingmedialibraryadmin.php"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-03-05T20:19:26.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Moving Media Library \u003c= 1.22 - Authenticated (Administrator+) Directory Traversal to Arbitrary File Deletion"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-13897",
        "datePublished": "2025-03-06T08:21:38.783Z",
        "dateReserved": "2025-02-20T19:20:20.695Z",
        "dateUpdated": "2026-04-08T17:03:43.787Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2024-12637 (GCVE-0-2024-12637)

    Vulnerability from cvelistv5 – Published: 2025-01-17 07:01 – Updated: 2026-04-08 17:03
    VLAI
    Title
    Moving Users <= 1.05 - Unauthenticated Sensitive Information Exposure
    Summary
    The Moving Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.05 via the export functionality. The JSON files are stored in predictable locations with guessable file names when exporting user data. This could allow unauthenticated attackers to extract sensitive user data, for instance, email addresses, hashed passwords, and IP addresses.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    katsushi-kawamori Moving Users Affected: 0 , ≤ 1.05 (semver)
    Create a notification for this product.
    Credits
    Emil
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2024-12637",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-01-17T13:32:32.449433Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-12T18:44:10.720Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "Moving Users",
              "vendor": "katsushi-kawamori",
              "versions": [
                {
                  "lessThanOrEqual": "1.05",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Emil"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The Moving Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.05 via the export functionality. The JSON files are stored in predictable locations with guessable file names when exporting user data. This could allow unauthenticated attackers to extract sensitive user data, for instance, email addresses, hashed passwords, and IP addresses."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 5.3,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:03:52.720Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/8209761c-2cfe-49b9-ab4c-49a9a13b5dcf?source=cve"
            },
            {
              "url": "https://wordpress.org/plugins/moving-users/"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026old=3223894%40moving-users\u0026new=3223894%40moving-users\u0026sfp_email=\u0026sfph_mail="
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-01-16T18:23:12.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "Moving Users \u003c= 1.05 - Unauthenticated Sensitive Information Exposure"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2024-12637",
        "datePublished": "2025-01-17T07:01:28.253Z",
        "dateReserved": "2024-12-14T12:40:14.521Z",
        "dateUpdated": "2026-04-08T17:03:52.720Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }