ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Miwo FTP Plugin <= 1.0.4 - Arbitrary File Disclosure

Product
Miwo FTP
Description
Because of this vulnerability, users can download a file within the scope of the home directory of the site.
Solution
Update this plugin.
Classification
Type Local File Inclusion
OWASP Top 10 A1: Injection
References
Research-G0blin
CVE
Name CVE-N/A
Versions
Affected In <= 1.0.4
Fixed In 1.0.5
Disclosure date
2015-03-16
Credits
James Hooker