Mehdi Karout & Christian Galeone

1 exploit Active since Sep 2014
CVE-2014-5465 EXPLOITDB text WORKING POC
Download Shortcode < 0.2.3 - Path Traversal via File Parameter
Directory traversal vulnerability in force-download.php in the Download Shortcode plugin 0.2.3 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.