WordPress Publication Archive Plugin 2.0.1 - Information Disclosure Vulnerability

wp-publication-archive

Software
WP Publication Archive
Versions
<= 2.0.1
Disclosure date
2011-01-23
CVE
CVE-N/A
References
Credits
Classification
Information Disclosure
OWASP Top 10

Are your websites subject to this vulnerability?

Details

WP Publication Archive plugin's "file" parameter is prone to an information-disclosure vulnerability. Application fails to validate user-supplied data. Because of this issue, an attacker can download arbitrary files from the affected application. In that way, the attacker obtains sensitive information.

Solution

Update the plugin.

Found a vulnerability that puts your sites at risk?

Found a vulnerability? Help us secure the web and join our community of ethical hackers.

Are you the developer of this software? Hire our researchers for a thorough security audit.