WordPress Plugin DukaPress Directory Traversal - CVE-2014-8799

WordPress Plugin DukaPress is prone to a directory traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue can allow an attacker to obtain sensitive information that could aid in further attacks. WordPress Plugin DukaPress version 2.5.2 is vulnerable prior versions may also be affected.