WordPress Plugin Vulnerabilities

S3Bubble Amazon S3 Video And Audio Streaming With Analytics <= 2.0 - Arbitrary File Download

Description

The s3bubble-amazon-s3-audio-streaming WordPress plugin was affected by an Arbitrary File Download security vulnerability.

Affects Plugins

Plugin icon
s3bubble-amazon-s3-audio-streaming
No known fix

References

CVE
CVE-2015-9463
URL
https://packetstormsecurity.com/files/#132578/

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22
CVSS
7.5 (high)

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
05032733-7c47-42bf-a6ce-c3965305e29f

Timeline

Publicly Published
2015-07-07 (about 10 years ago)
Added
2015-07-09 (about 10 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2025-07-01
Title
Home Villas | Real Estate WordPress Theme <= 2.8 - Authenticated (Subscriber+) Arbitrary File Deletion
Published
2026-02-25
Title
Squeeze < 1.7.8 - Authenticated (Subscriber+) Directory Traversal
Published
2025-08-06
Title
Prevent files / folders access < 2.6.1 - Authenticated (Subscriber+) Path Traversal
Published
2024-11-11
Title
DigiPass <= 0.3.0 - Unauthenticated Arbitrary File Download
Published
2025-12-17
Title
NextGEN Gallery < 4.0.0 - Contributor+ Local File Inclusion via 'template'