WordPress Plugin Vulnerabilities

simple-image-manipulator <= 1.0 - Remote File Download

Description

Plugin is still affected and has been closed.

In ./simple-image-manipulator/controller/download.php no checks are made to authenticate the user or sanitize input when determining file location.

Proof of Concept

Affects Plugins

Plugin icon
simple-image-manipulator
No known fix

References

CVE
CVE-2015-1000010
Exploitdb
37753

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22
CVSS
7.5 (high)

Miscellaneous

Submitter
Larry W. Cashdollar
Submitter twitter
_larry0
Verified
No
WPVDB ID
40e84e85-7176-4552-b021-6963d0396543

Timeline

Publicly Published
2015-08-02 (about 10 years ago)
Added
2015-08-03 (about 10 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2015-05-19
Title
Simple Backup <= 2.7.10 - Arbitrary File Download
Published
2025-04-09
Title
Oxygen MyData for WooCommerce < 1.0.65 - Unauthenticated Arbitrary File Deletion
Published
2014-08-01
Title
Vitamin 1.0 - minify.php path Parameter Traversal Arbitrary File Access
Published
2024-07-11
Title
HT Mega < 2.5.8 - Authenticated (Contributor+) JSON File Directory Traversal
Published
2026-04-13
Title
BackWPup < 5.6.7 - Admin+ Local File Inclusion via 'block_name' Parameter