Download Monitor <= 1.6.3 - Authenticated Directory Listing



Description
Directory listing vulnerability that can lead to information disclosure. Authenticated users can list sever side files and directories.

Affects Plugin

fixed in version 1.6.4

References

URL https://web.archive.org/web/20150626191631/https://research.evex.pw/?vuln=7

Classification

Type BYPASS

Miscellaneous

Submitter Abdallah Samman
Submitter Twitter Evex_1337
Views 4516
Verified No
WPVDB ID 7829

Timeline

Publicly Published 2015-03-08 (over 5 years ago)
Added 2015-03-09 (over 5 years ago)
Last Updated 2019-10-21 (9 months ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin