Directory traversal vulnerability in force-download.php in the Download Shortcode plugin 0.2.3 and previous versions for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
werdswords download shortcode 0.2 |
||
werdswords download shortcode 0.1 |
||
werdswords download shortcode |
||
werdswords download shortcode 0.2.2 |