ThreatPress

WordPress Vulnerabilities Database

Back

WordPress WP Content Source Control Plugin - Directory Traversal

Product
WP Content Source Control
Description
This WP Content Source Control plugin is prone to a directory-traversal vulnerability via "download.php". It fails to clean up user-supplied input. Using this plugin allows an attacker to obtain an important information which could aid in further attacks.
Solution
Upgrade the plugin.
Classification
Type Information Disclosure
References
Exploit-DB
CVE
Name CVE-2014-5368
Versions
Affected In <= 3.0.0
Fixed In 3.0.1
Disclosure date
2014-08-19
Credits
Henri Salo