9.3 High
AI Score
Confidence
High
0.265 Low
EPSS
Percentile
96.8%
Directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a … (dot dot) in the dew_file parameter.
seclists.org/oss-sec/2013/q4/566
seclists.org/oss-sec/2013/q4/570
wordpress.org/support/topic/security-vulnerability-cve-2013-7240-directory-traversal
www.securityfocus.com/bid/64587