Lucene search
+L

48 matches found

CNNVD
CNNVD
added 2024/10/16 12:0 a.m.5 views

WordPress plugin ZoomSounds 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

9.8CVSS7.1AI score0.05288EPSS
Exploits2References8
Positive Technologies
Positive Technologies
added 2024/10/15 12:0 a.m.6 views

PT-2024-11046

Name of the Vulnerable Software and Affected Versions ZoomSounds plugin for WordPress versions up to, and including, 5.96 Description The issue is related to missing file type validation in the 'savepng.php' file, which allows unauthenticated attackers to upload arbitrary files on the affected...

9.8CVSS7.6AI score0.05288EPSS
Exploits2References15
VulnCheck KEV
VulnCheck KEV
added 2023/11/22 12:0 a.m.4 views

VulnCheck KEV: CVE-2021-39316

The Zoomsounds plugin = 6.45 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the dzsapdownload action using directory traversal in the link parameter...

7.5CVSS7.2AI score0.66543EPSS
Exploits5References1
OSV
OSV
added 2021/08/31 12:15 p.m.6 views

CVE-2021-39316

The Zoomsounds plugin = 6.45 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the dzsapdownload action using directory traversal in the link parameter...

7.5CVSS7.4AI score0.66543EPSS
Exploits5References2
Prion
Prion
added 2021/08/31 12:15 p.m.19 views

Directory traversal

The Zoomsounds plugin = 6.45 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the dzsapdownload action using directory traversal in the link parameter...

5CVSS7.5AI score0.66543EPSS
Exploits5References2Affected Software1
Vulnrichment
Vulnrichment
added 2021/08/31 11:5 a.m.11 views

CVE-2021-39316 ZoomSounds <= 6.45 Unauthenticated Directory Traversal and Sensitive Information Dislosure

The Zoomsounds plugin = 6.45 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the dzsapdownload action using directory traversal in the link parameter...

7.5CVSS7.6AI score0.66543EPSS
Exploits5References2
Positive Technologies
Positive Technologies
added 2021/08/31 12:0 a.m.8 views

PT-2021-22525 · WordPress · Zoomsounds

Name of the Vulnerable Software and Affected Versions: Zoomsounds plugin versions = 6.45 for WordPress Description: The issue allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the dzsap download action using directory traversal in the link...

7.5CVSS9.4AI score0.66543EPSS
Exploits5References7
CNVD
CNVD
added 2019/10/17 12:0 a.m.5 views

WordPress dzs-zoomsounds plugin code issue vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. dzs-zoomsounds is an audio player plugin that is used in it. A code issue vulnerability exists in the WordPress dzs-zoomsounds plugin...

9.8CVSS7AI score0.03959EPSS
Exploits0References1
Rows per page
Query Builder