Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin Download Zip Attachments Arbitrary File Download - CVE-2015-4704 - Vulnerability Database
WP Plugin Download Zip Attachments

WordPress Plugin Download Zip Attachments Arbitrary File Download - CVE-2015-4704

Medium
Reference: CVE-2015-4704
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-4704
Title: WordPress Plugin Download Zip Attachments Arbitrary File Download
Overview:

WordPress Plugin Download Zip Attachments is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. This may allow an attacker to gain access to sensitive information which may aid in launching further attacks. WordPress Plugin Download Zip Attachments version 1.0.0 is vulnerable.