https://www.pluginvulnerabilities.com/2017/10/05/vulnerability-details-arbitrary-file-upload-vulnerability-in-mb-miniaudioplayer/

From time to time a vulnerability is fixed in a plugin without the discoverer putting out a report on the vulnerability and we will put out a post detailing the vulnerability so that we can provide our customers with more complete information on the vulnerability.

Recently we had a request on this website for the following URL:

/wp-content/plugins/wp-miniaudioplayer/map_download.php?fileurl=../../../wp-config.php

That looked

Share This