Find out about vulnerable plugins in your websites for free.
Cross-Site Request Forgery (CSRF) vulnerability discovered by Ngo Van Thien (Patchstack Red Team) in the WordPress Media File Renamer plugin (versions <= 5.1.9). Affected parameters "post_title", "filename", "lock". This allows changing the uploaded media title, media file name, and media locking state.
Update the WordPress Media File Renamer plugin to the latest available version (at least 5.2.0).