CVE-2012-10016
CVSS 3.1 Score 7.5 of 10 (high)
Details
Summary
CVE-2012-10016 is a newly identified vulnerability affecting the Halulu simple-download-button-shortcode Plugin 1.0 on WordPress. The issue lies within an unknown function in the file simple-download-button_dl.php, specifically the Download Handler component. This vulnerability allows for information disclosure through manipulation of the 'file' argument, and can be exploited remotely. Upgrading to version 1.1 of the plugin is recommended to resolve the issue, with the patch identified as e648a8706818297cf02a665ae0bae1c069dea5f1. VDB-242190 has been assigned to this vulnerability.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.