CVE-2019-9618 Scanner
CVE-2019-9618 scanner - Local File Inclusion (LFI) vulnerability in GraceMedia Media Player plugin for WordPress
Short Info
Level
Critical
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 seconds
Time Interval
1 month 1 day
Scan only one
URL
Toolbox
-
The GraceMedia Media Player plugin 1.0 for WordPress is a player that allows users to add audio and video files to their website easily. It is a plugin designed to simplify the process of uploading and integrating media files into web pages. With GraceMedia Media Player, WordPress website owners can customize their audio and video content with different player skins, playlists, and captions, among other features. The plugin is widely used by content creators, music artists, and businesses looking to enhance their online presence with rich media.
CVE-2019-9618 is a vulnerability that has been detected in GraceMedia Media Player plugin version 1.0 for WordPress. This vulnerability is caused by a Local File Inclusion (LFI) that can be exploited by attackers to execute arbitrary code on the server. The LFI occurs in the “cfg” parameter of the plugin, which allows users to import configuration files. An attacker can use this vulnerability to access sensitive files on the server, such as configuration files, passwords, and user data.
When exploited, this vulnerability can have severe consequences for website owners. Attackers can use the access they gain through the LFI to initiate further attacks, such as injection attacks or brute-force attacks, which may result in the complete compromise of the website. In addition, attackers can use the stolen data for identity theft, financial fraud, or other malicious activities.
In conclusion, GraceMedia Media Player plugin 1.0 for WordPress is a popular player used by many website owners to add audio and video files to their websites. However, it has been found to have a critical vulnerability (CVE-2019-9618) that can be exploited by attackers to compromise the website. Website owners should take necessary precautions to protect their websites from this vulnerability and other threats. With s4e.io's pro features, website owners can quickly identify and remediate vulnerabilities in their digital assets to safeguard them against cyberattacks.
REFERENCES
