2 matches found
CVE-2015-4704
Directory traversal vulnerability in the Download Zip Attachments plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the File parameter to download.php...
CVE-2015-4704
CVE-2015-4704 is a directory traversal vulnerability in the WordPress plugin Download Zip Attachments 1.0. It allows remote attackers to read arbitrary files by supplying a .. in the File parameter to download.php, due to insufficient input/path validation. Affected software: WordPress Download Z...