Unrated severityNVD Advisory· Published Aug 31, 2021· Updated May 5, 2025
ZoomSounds <= 6.45 Unauthenticated Directory Traversal and Sensitive Information Dislosure
CVE-2021-39316
Description
The Zoomsounds plugin <= 6.45 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the dzsap_download action using directory traversal in the link parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=6.45
- ZoomIt/ZoomSounds - WordPress Wave Audio Player with Playlistv5Range: 6.45
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/165146/WordPress-DZS-Zoomsounds-6.45-Arbitrary-File-Read.htmlmitrex_refsource_MISC
- www.wordfence.com/vulnerability-advisories/mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.