ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Zip Attachments Plugin <= 1.5.0 - Directory Traversal

Product
Zip Attachments
Description
This vulnerability allows an attacker to read arbitrary files in the "za_file" parameter.
Solution
Update the plugin.
Classification
Type BYPASS
References
CVE Mitre
CVE
Name CVE-N/A
Versions
Affected In <= 1.5.0
Fixed In 1.5.1
Disclosure date
2015-06-19
Credits
Larry W. Cashdollar
Submitter
ThreatPress