Full Disclosure

Remote file download vulnerability in download-zip-attachments v1.0

June 26, 2015 007admin Leave a comment

Posted by Larry W. Cashdollar on Jun 26

Title: Remote file download vulnerability in download-zip-attachments v1.0
Author: Larry W. Cashdollar, @_larry0
Date: 2015-06-10
Download Site: https://wordpress.org/plugins/download-zip-attachments/
Vendor: rivenvirus
Vendor Notified: 2015-06-15
Vendor Contact: https://profiles.wordpress.org/rivenvirus/
Advisory: http://www.vapid.dhs.org/advisory.php?v=129
Description:
Download all attachments from the post into a zip file.

Vulnerability:…

Leave a Reply Cancel reply

You must be logged in to post a comment.

Software and Security Information