WordPress Plugin Vulnerabilities

Download Ad Manager by WD - Arbitrary File Download

Description

The 10WebAdManager WordPress plugin was affected by an Arbitrary File Download security vulnerability.

Affects Plugins

Plugin icon
ad-manager-wd
Fixed in 1.0.13

References

Exploitdb
46252

Classification

Type
TRAVERSAL
OWASP top 10
A1: Injection
CWE
CWE-22

Miscellaneous

Original Researcher
41!kh4224rDz
Submitter
Ryan Dewhurst
Submitter twitter
ethicalhack3r
Verified
No
WPVDB ID
d761d590-964a-409f-ab96-d77bc02671e5

Timeline

Publicly Published
2019-01-25 (about 7 years ago)
Added
2019-01-29 (about 7 years ago)
Last Updated
2019-11-01 (about 6 years ago)

Other

Published
Title
Published
2024-08-16
Title
BackWPup < 4.0.2 - Admin+ Directory Traversal
Published
2024-06-24
Title
WordPress < 6.5.5 - Contributor+ Path Traversal in Template-Part Block
Published
2019-07-12
Title
Ad Inserter <= 2.4.19 - Authenticated Path Traversal
Published
2018-10-27
Title
ARForms < 3.5.2 - Unauthenticated Arbitrary File Deletion
Published
2017-10-20
Title
Multiple Plugins - jQueryFileTree - Unauthenticated Path Traversal