Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
download plugin vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2008-3362
Unrestricted file upload vulnerability in upload.php in the Giulio Ganci Wp Downloads Manager module 0.2 for WordPress allows remote malicious users to execute arbitrary code by uploading a file with an executable extension via the upfile parameter, then accessing it via a direct...
Giulio Ganci Wp Downloads Manager 0.2
Wordpress Wp Downloads Manager 0.2
1 EDB exploit
5.3
CVSSv3
CVE-2015-5471
Absolute path traversal vulnerability in include/user/download.php in the Swim Team plugin 1.44.10777 for WordPress allows remote malicious users to read arbitrary files via a full pathname in the file parameter.
Swim Team Project Swim Team 1.44.10777
1 EDB exploit
NA
CVE-2013-7240
Directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the dew_file parameter.
Westerndeal Advanced Dewplayer 1.2
Wordpress Wordpress -
1 EDB exploit
1 Github repository
9.8
CVSSv3
CVE-2017-1002008
Vulnerability in wordpress plugin membership-simplified-for-oap-members-only v1.58, The file download code located membership-simplified-for-oap-members-only/download.php does not check whether a user is logged in and has download privileges.
Membership Simplified Project Membership Simplified 1.58
1 EDB exploit
7.5
CVSSv3
CVE-2015-5468
Directory traversal vulnerability in the WP e-Commerce Shop Styling plugin prior to 2.6 for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the filename parameter to includes/download.php.
Wpshopstyling Wp E-commerce Shop Styling
1 EDB exploit
NA
CVE-2015-1579
Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate ...
Elegant Themes Divi -
2 EDB exploits
4 Github repositories
NA
CVE-2014-9734
Directory traversal vulnerability in the Slider Revolution (revslider) plugin prior to 4.2 for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php.
Themepunch Slider Revolution
2 EDB exploits
NA
CVE-2014-92601
WordPress Download Manager plugin version 2.7.2 suffers from a privilege escalation vulnerability.
NA
CVE-2008-4401
ActionScript in Adobe Flash Player 9.0.124.0 and previous versions does not require user interaction in conjunction with (1) the FileReference.browse operation in the FileReference upload API or (2) the FileReference.download operation in the FileReference download API, which all...
Adobe Flash Player 7.0.1
Adobe Flash Player 7.0.70.0
Adobe Flash Player 7.0 R67
Adobe Flash Player 8.0.35.0
Adobe Flash Player 8.0.39.0
Adobe Flash Player 7.0
Adobe Flash Player 7.1
Adobe Flash Player 7.1.1
Adobe Flash Player 9.0
Adobe Flash Player 9.0.112.0
Adobe Flash Player 7.0.25
Adobe Flash Player 7.2
Adobe Flash Player 8.0
Adobe Flash Player 9.0.114.0
Adobe Flash Player 9.0.115.0
Adobe Flash Player 7.0.63
Adobe Flash Player 7.0.69.0
Adobe Flash Player 8.0.24.0
Adobe Flash Player 8.0.34.0
Adobe Flash Player
NA
CVE-2010-0696
Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 up to and including 3.2 for Joomla! allows remote malicious users to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.
Joomlaworks Jw Allvideos 3.2
Joomlaworks Jw Allvideos 3.1
Joomlaworks Jw Allvideos 3.0
1 EDB exploit
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »