This WP Content Source Control plugin is prone to a directory-traversal vulnerability via “download.php”. It fails to clean up user-supplied input. Using this plugin allows an attacker to obtain an important information which could aid in further attacks.
Upgrade the plugin.
CPE | Name | Operator | Version |
---|---|---|---|
wp content source control | le | 3.0.0 |