Description
WordPress Plugin Memphis Documents Library is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. This may allow an attacker to gain access to sensitive information, which may aid in launching further attacks. WordPress Plugin Memphis Documents Library version 3.1.5 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 3.1.6 or latest
References
https://www.exploit-db.com/exploits/39593/
https://wordpress.org/plugins/memphis-documents-library/changelog/
Related Vulnerabilities
Joomla! Core 1.7.0 Cross-Site Scripting (1.7.0)
MySQL CVE-2015-0498 Vulnerability (CVE-2015-0498)
WordPress Plugin Easy Registration Forms Cross-Site Scripting (1.8.3)
WordPress Plugin Smart Slider 2 Multiple Cross-Site Scripting Vulnerabilities (2.3.11)
WordPress Plugin WordPress Infinite Scroll-Ajax Load More SQL Injection (5.3.1)