Unrated severityNVD Advisory· Published Jan 3, 2014· Updated Jun 17, 2026
CVE-2013-7240
CVE-2013-7240
Description
Directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dew_file parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7- cpe:2.3:a:westerndeal:advanced_dewplayer:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*
- Range: =1.2
- osv-coords4 versionspkg:apk/chainguard/wordpresspkg:apk/chainguard/wordpress-oci-entrypointpkg:apk/wolfi/wordpresspkg:apk/wolfi/wordpress-oci-entrypoint
< 0+ 3 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.