Download Monitor <= 1.6.3 - Authenticated Directory Listing

Sign up to our free email alerts service for instant vulnerability notifications!

Description
Directory listing vulnerability that can lead to information disclosure. Authenticated users can list sever side files and directories.

Affects

Plugin download-monitor
fixed in version 1.6.4

References

URL http://web.archive.org/web/20150626191631/http://research.evex.pw/?vuln=7

Classification

Type BYPASS

Miscellaneous

Submitter Abdallah Samman
Submitter Twitter Evex_1337
Views 132
Verified No
WPVDB ID 7829

Timeline

Publicly Published 2015-03-08 (almost 2 years ago)
Added 2015-03-09 (almost 2 years ago)
Last Updated 2016-08-11 (4 months ago)

Copyright & License

Copyright All data and resources contained within this page and this web site is Copyright © The WPScan Team.
License Some of this data may be used for non-commercial purposes, however, any potential commercial usage of this data will require a license. If you would like to inquire about a commercial license please contact us.