WordPress Plugin Vulnerabilities

ZoomSounds < 3.0 - Remote File Upload

Description

The dzs-zoomsounds WordPress plugin was affected by a Remote File Upload security vulnerability.

Affects Plugins

Plugin icon
dzs-zoomsounds
Fixed in 3.0

References

CVE
CVE-2015-9471
Exploitdb
37166
URL
https://packetstormsecurity.com/files/#132124/
URL
http://digitalzoomstudio.net/docs/wpzoomsounds/

Miscellaneous

Submitter
ethicalhack3r
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
88094b63-44b6-4460-ab48-4355bd887887

Timeline

Publicly Published
2015-06-01 (about 10 years ago)
Added
2015-06-01 (about 10 years ago)
Last Updated
2021-02-25 (about 5 years ago)

Other

Published
Title
Published
2025-06-02
Title
Bit File Manager – 100% Free & Open Source File Manager and Code Editor for WordPress < 6.8 - Authenticated (Subscriber+) Stored Cross-Site Scripting via SVG File Uploads
Published
2024-10-25
Title
Woocommerce Product Design <= 1.0.0 - Unauthenticated Arbitrary File Upload
Published
2024-11-13
Title
Gallerio <= 1.01 - Authenticated (Subscriber+) Arbitrary File Upload
Published
2023-06-16
Title
Unlimited Elements For Elementor < 1.5.67 - Contributor+ Arbitrary File Upload
Published
2026-04-17
Title
CMP < 4.1.17 - Admin+ Arbitrary File Upload and Remote Code Execution