The aoa-downloadable WordPress plugin through 0.1.0 doesnt validate a parameter in its download function, allowing unauthenticated attackers to download arbitrary files from the server
Name | Vendor | Start Version | End Version |
---|---|---|---|
Downloadable_by_american_osteopathic_association | Osteopathic | * | 0.1.0 (including) |