WordPress Plugin Vulnerabilities

S3Bubble <= 0.7 - Directory Traversal leading to Arbitrary File Access

Description

The last time it was checked the plugin was still affected and had been closed.

Affects Plugins

Plugin icon
s3bubble-amazon-s3-html-5-video-with-adverts
No known fix

References

CVE
CVE-2015-9464
Exploitdb
37494

Classification

Type
TRAVERSAL
OWASP top 10
A1: Injection
CWE
CWE-22
CVSS
7.5 (high)

Miscellaneous

Verified
No
WPVDB ID
a7ad1483-3ece-48a2-96e5-c88ad3541636

Timeline

Publicly Published
2015-07-05 (about 10 years ago)
Added
2019-10-11 (about 6 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other

Published
Title
Published
2022-09-14
Title
Enable Media Replace < 4.0.0 - Admin+ Path Traversal
Published
2022-08-09
Title
WPide < 3.0 - Admin+ Arbitrary File Read
Published
2022-04-28
Title
All-in-One WP Migration < 7.59 - Admin+ File Deletion on Windows Hosts via Path Traversal
Published
2022-11-30
Title
Easy WP SMTP < 1.5.2 - Admin+ Arbitrary File Access
Published
2012-01-16
Title
myEASYbackup <= 1.0.8.1 - Directory Traversal