Unrated severityNVD Advisory· Published Jun 24, 2015· Updated May 6, 2026

CVE-2015-5065

Description

Absolute path traversal vulnerability in proxy.php in the google currency lookup in the Paypal Currency Converter Basic For WooCommerce plugin before 1.4 for WordPress allows remote attackers to read arbitrary files via a full pathname in the requrl parameter.

Affected products

Intelligent It/Paypal Currency Converter Basic For Woocommerce
cpe:2.3:a:intelligent-it:paypal_currency_converter_basic_for_woocommerce:*:*:*:*:*:wordpress:*:*
Range: <1.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

wordpress.org/plugins/paypal-currency-converter-basic-for-woocommerce/changelog/nvdPatchThird Party Advisory
packetstormsecurity.com/files/132278/WordPress-Paypal-Currency-Converter-Basic-For-Woocommerce-1.3-File-Read.htmlnvdExploitThird Party AdvisoryVDB Entry
www.exploit-db.com/exploits/37253/nvdExploitThird Party AdvisoryVDB Entry
www.securityfocus.com/bid/75416nvdThird Party AdvisoryVDB Entry
plugins.trac.wordpress.org/changeset/1179092/paypal-currency-converter-basic-for-woocommercenvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.028
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000