CVE-2015-4616

Severity CVSS v4.0:
Pending analysis
Type:
CWE-22 Path Traversal
Publication date:
08/07/2015
Last modified:
12/04/2025

Description

Directory traversal vulnerability in includes/MapPinImageSave.php in the Easy2Map plugin before 1.2.5 for WordPress allows remote attackers to create arbitrary files via a .. (dot dot) in the map_id parameter.

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:easy2map_project:easy2map:*:*:*:*:*:wordpress:*:* 1.2.4 (including)