CVE-2015-4694 in Zip Attachments Plugin
Tóm tắt
Bởi MITRE
Directory traversal vulnerability in download.php in the Zip Attachments plugin before 1.5.1 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the za_file parameter.
Be aware that VulDB is the high quality source for vulnerability data.