High severity7.5NVD Advisory· Published May 23, 2017· Updated Jun 17, 2026
CVE-2015-4704
CVE-2015-4704
Description
Directory traversal vulnerability in the Download Zip Attachments plugin 1.0 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the File parameter to download.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:download_zip_attachments_project:download_zip_attachments:1.0:*:*:*:*:wordpress:*:*
- Range: 1.0
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/132459/Download-Zip-Attachments-1.0-File-Download.htmlnvdExploitThird Party AdvisoryVDB Entry
- www.vapid.dhs.org/advisory.phpnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.