WordPress Plugin Vulnerabilities

Aspose Cloud eBook Generator - File Download

Description

The Aspose Cloud eBook Generator WordPress plugin was affected by a File Download security vulnerability.

Proof of Concept

Affects Plugins

Plugin icon
aspose-cloud-ebook-generator
No known fix

References

URL
https://packetstormsecurity.com/files/#131040/

Classification

Type
LFI
OWASP top 10
A1: Injection
CWE
CWE-22

Miscellaneous

Submitter
pvdl
Verified
No
WPVDB ID
5ce99ca5-d68c-45a2-a84b-f5d1dc66f8ad

Timeline

Publicly Published
2015-03-27 (about 11 years ago)
Added
2015-03-27 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2024-11-22
Title
MP3 Sticky Player < 8.0 - Unauthenticated Arbitrary File Read/Download
Published
2026-04-09
Title
Perfmatters < 2.6.0 - Authenticated (Subscriber+) Arbitrary File Overwrite via 'snippets' Parameter
Published
2025-06-03
Title
Welcart e-Commerce < 2.11.14 - Authenticated (Editor+) Arbitrary File Deletion
Published
2026-05-04
Title
Loco Translate < 2.8.3 - Translator+ Path Traversal to Limited File Read via 'ref' Parameter
Published
2026-03-09
Title
The Events Calendar < 6.15.17.1 - Author+ Arbitrary File Read