ThreatPress

WordPress Vulnerabilities Database

Back

WordPress IBS Mappro Plugin <= 0.9 - Absolute Path Traversal

Product
IBS Mappro
Description
This vulnerability is in lib/download.php. It allows an attacker to read arbitrary files via a full pathname in the "file" parameter.
Solution
Update the plugin.
Classification
Type Local File Inclusion
References
CVE Mitre
CVE
Name CVE-2015-5472
Versions
Affected In <= 0.9
Fixed In 1.0
Disclosure date
2015-07-10