The Zoomsounds plugin <= 6.45 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the dzsap_download action using directory traversal in the link...
7.5CVSS
7.5AI Score
0.375EPSS
The dzs-zoomsounds plugin through 2.0 for WordPress has admin/upload.php arbitrary file...
9.8CVSS
9.5AI Score
0.005EPSS