ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Advanced Dewplayer Plugin <= 1.2 - Traversal Arbitrary File Access

Product
Advanced Dewplayer
Description
This plugin is prone to a download-file.php dew_file parameter traversal arbitrary file access vulnerability.
Solution
Update the plugin.
Classification
Type Directory Traversal
References
Secunia
CVE
Name CVE-N/A
Versions
Affected In <= 1.2
Fixed In 1.3
Disclosure date
2014-08-01