RSS   Vulnerabilities for 'Wp custom pages'   RSS

2011-04-09
 
CVE-2011-1669

CWE-22
 

 
Directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F (encoded dot dot) sequences in the url parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top