PT-2011-3280 · WordPress · Wp Custom Pages

John Leitch

Published

2011-04-10

Updated

2017-08-17

CVE-2011-1669

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions WP Custom Pages module version 0.5.0.1 for WordPress

Description The issue allows remote attackers to read arbitrary files due to a directory traversal vulnerability in the wp-download.php file. This is achieved by using ..%2F (encoded dot dot) sequences in the url parameter.

Recommendations For WP Custom Pages module version 0.5.0.1, consider restricting access to the wp-download.php file until a patch is available. As a temporary workaround, avoid using the url parameter in the affected API endpoint until the issue is resolved.

Exploit

Fix

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

CVE-2011-1669

Affected Products

Wp Custom Pages

PT-2011-3280 · WordPress · Wp Custom Pages

CVE-2011-1669

Weakness Enumeration

Related Identifiers

Affected Products

References · 9