wordpress force force-download.php parameter file arbitrary File Download vulnerability

No description provided by source...

MediaSuite.ca File Disclosure

. | | / | | \ \ | | \ / | |\ / / /\ \ / \ | / ^ / / || / / / / /\ /\ \ \ \ | / \ / http://twitter.com/h4SEC / \ | \ \ Proof Video: https://www.youtube.com/watch?v=7yxbfD1YK8Y / // / \ / My + Author : KnocKout E-Mail : [email protected] Twitter: http://twitter.com/h4SEC HomePage :...

CVE-2014-5465

Directory traversal vulnerability in force-download.php in the Download Shortcode plugin 0.2.3 and earlier for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...

Directory traversal

Directory traversal vulnerability in force-download.php in the Download Shortcode plugin 0.2.3 and earlier for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...

CVE-2014-5465

The CVE-2014-5465 issue affects the WordPress ShortCode Plugin (Download ShortCode) version 0.2.3 and earlier, where force-download.php is vulnerable to directory traversal via a .. in the file parameter, enabling reading arbitrary local files. OpenVAS/PRION/CVE references corroborate a Local Fil...

CVE-2014-5465

Directory traversal vulnerability in force-download.php in the Download Shortcode plugin 0.2.3 and earlier for WordPress allows remote attackers to read arbitrary files via a .. dot dot in the file parameter...