Shodan
Maps
Images
Monitor
Developer
More...
Dashboard
View Api Docs
Vulnerabilities
By Date
Known Exploited
Advanced Search
Vulnerable Software
Vendors
Products
Vulnerability Details CVE-2015-5471
Absolute path traversal vulnerability in include/user/download.php in the Swim Team plugin 1.44.10777 for WordPress allows remote attackers to read arbitrary files via a full pathname in the file parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score
0.38
EPSS Ranking
97.1%
CVSS Severity
CVSS v3 Score
5.3
CVSS v2 Score
5.0
References
http://michaelwalsh.org/blog/2015/07/wp-swimteam-v1-45-beta-3-now-available/
http://packetstormsecurity.com/files/132653/WordPress-WP-SwimTeam-1.44.10777-Arbitrary-File-Download.html
http://www.securityfocus.com/bid/75600
http://www.vapid.dhs.org/advisory.php?v=134
https://wordpress.org/support/topic/security-vulnerability-6
https://wpvulndb.com/vulnerabilities/8071
http://michaelwalsh.org/blog/2015/07/wp-swimteam-v1-45-beta-3-now-available/
http://packetstormsecurity.com/files/132653/WordPress-WP-SwimTeam-1.44.10777-Arbitrary-File-Download.html
http://www.securityfocus.com/bid/75600
http://www.vapid.dhs.org/advisory.php?v=134
https://wordpress.org/support/topic/security-vulnerability-6
https://wpvulndb.com/vulnerabilities/8071
Products affected by CVE-2015-5471
Swim Team Project
»
Swim Team
»
Version:
1.44.10777
cpe:2.3:a:swim_team_project:swim_team:1.44.10777
Products
Monitor
Search Engine
Developer API
Maps
Bulk Data
Images
Snippets
Pricing
Membership
API Subscriptions
Enterprise
Contact Us
support@shodan.io
Shodan ® - All rights reserved