ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Publication Archive Plugin 2.0.1 - Information Disclosure Vulnerability

Product
WP Publication Archive
Description
WP Publication Archive plugin's "file" parameter is prone to an information-disclosure vulnerability. Application fails to validate user-supplied data. Because of this issue, an attacker can download arbitrary files from the affected application. In that way, the attacker obtains sensitive information.
Solution
Update the plugin.
Classification
Type Information Disclosure
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 2.0.1
Fixed In 2.0.2
Disclosure date
2011-01-23
Credits
AutoSec Tools