CVE-2011-1669

Directory traversal vulnerability in wp-download.php in the WP Custom Pages module 0.5.0.1 for WordPress allows remote attackers to read arbitrary files via ..%2F (encoded dot dot) sequences in the url parameter.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:mikoviny:wp_custom_pages:0.5.0.1:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:*:*:*:*:*:*:*:*

Information

Published : 2011-04-09 19:51

Updated : 2017-08-16 18:34


NVD link : CVE-2011-1669

Mitre link : CVE-2011-1669


JSON object : View

CWE
CWE-22

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

Advertisement

dedicated server usa

Products Affected

mikoviny

  • wp_custom_pages

wordpress

  • wordpress