Description
WordPress Plugin Memphis Documents Library is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. This may allow an attacker to gain access to sensitive information, which may aid in launching further attacks. WordPress Plugin Memphis Documents Library version 3.1.5 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.1.6 or latest
References
https://www.exploit-db.com/exploits/39593/
https://wordpress.org/plugins/memphis-documents-library/changelog/
Related Vulnerabilities
Drupal Core 8.x.x Cross-Site Request Forgery (8.0.0 - 8.8.12)
WordPress Plugin Conduit Banner 'banner-index-field-id' Parameter Cross-Site Scripting (0.2)
WordPress Plugin wp audio gallery playlist 'playlist.php' SQL Injection (0.12)
WordPress Plugin Feed Changer & Remover Cross-Site Scripting (0.2)
WordPress Plugin Visitor Traffic Real Time Statistics Unspecified Vulnerability (2.13)