Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
WordPress Plugin Simple Image Manipulator Arbitrary File Download - CVE-2015-1000010 - Vulnerability Database
WP Plugin Simple Image Manipulator

WordPress Plugin Simple Image Manipulator Arbitrary File Download - CVE-2015-1000010

Medium
Reference: CVE-2015-1000010
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-1000010
Title: WordPress Plugin Simple Image Manipulator Arbitrary File Download
Overview:

WordPress Plugin Simple Image Manipulator is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. This may allow an attacker to gain access to sensitive information which may aid in launching further attacks. WordPress Plugin Simple Image Manipulator version 1.0 is vulnerable.