WordPress Plugin Vulnerabilities

MP3-jPlayer < 2.5 - Full Path Disclosure

Description

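The plugin's download.php contains a debug block that echoes internal values, including the server's document root joined with the file path. This allows arbitrary users to disclose path information on WordPress sites with this plugin installed.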

// download.php, lines 120-129: debug block echoed back in the response
$info = "<p>
Get: " . $mp3 . "<br />
Sent: " . $sent . "<br />
File: " . $file . "<br />
Open: " . $_SERVER['DOCUMENT_ROOT'] . $fp . "<br />
Root: " . $rooturl . "<br />
pID: " . $playerID . "<br />
Dbug: " . $dbug . "<br />
extension: " . $fileExtension . "</p>";
echo $info;
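
A response-side check for this disclosure, added here as an example (it is not code from the plugin or from this advisory): it recognises the debug block built by the snippet above in a saved HTTP response body and extracts the filesystem path from the Open: field. The function names and both sample bodies are constructed for illustration.

```python
import re

# Field labels of the debug block, copied from the download.php snippet above.
LABELS = ("Get", "Sent", "File", "Open", "Root", "pID", "Dbug", "extension")

# One "Label: value" field; the value runs up to the next <br /> or the closing </p>.
FIELD_RE = re.compile(
    r"\b(?P<label>" + "|".join(LABELS) + r"):\s*(?P<value>.*?)\s*(?:<br\s*/?>|</p>)",
    re.DOTALL,
)

# Prefix of an absolute filesystem path: POSIX "/..." or Windows "C:\..." / "C:/...".
ABS_PREFIX_RE = re.compile(r"/|[A-Za-z]:[\\/]")


def parse_debug_block(body):
    """Return {label: value} if body carries the full debug block, else None."""
    fields = {m.group("label"): m.group("value") for m in FIELD_RE.finditer(body)}
    # Require every label so a page with a stray "File:" line is not reported.
    return fields if set(fields) == set(LABELS) else None


def disclosed_path(body):
    """Return the server path leaked through the Open: field, or None."""
    fields = parse_debug_block(body)
    if fields and ABS_PREFIX_RE.match(fields["Open"]):
        return fields["Open"]
    return None


# Constructed sample: a response body in the shape the snippet above produces.
SAMPLE_LEAK = """<p>
Get: song.mp3<br />
Sent: song.mp3<br />
File: song.mp3<br />
Open: /var/www/html/wp-content/uploads/song.mp3<br />
Root: http://blog.example.test<br />
pID: 0<br />
Dbug: 1<br />
extension: mp3</p>"""

# Constructed sample: an unrelated page that happens to contain one label.
SAMPLE_CLEAN = "<p>File: report.pdf</p>"

if __name__ == "__main__":
    for name, body in (("leak", SAMPLE_LEAK), ("clean", SAMPLE_CLEAN)):
        print(name, "->", disclosed_path(body))
```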

Proof of Concept

Affects Plugins

Fixed in 2.5

References

Classification

Type
FPD
CWE

Miscellaneous

Submitter
Larry W. Cashdollar
Submitter twitter
Verified
No

Timeline

Publicly Published
2015-08-06 (about 10 years ago)
Added
2015-08-10 (about 10 years ago)
Last Updated
2020-09-22 (about 5 years ago)

Other