🧹It's time for some spring cleaning! All researchers earn over 6.25x our normal bounty rates, through May 27th, 2024, when Wordfence handles responsible disclosure for our Spring Cleaning Bug Extravaganza! Learn more about our bug bounty program
Register as a researcher and submit your vulnerabilities today!

Vulnerabilities protected by our Directory Traversal (Requesting wp-config.php) firewall rule

580,524

Attacks Blocked in Past 24 Hours

Showing 121-140 of 225 Vulnerabilities

IBS Mappro < 1.0 - Directory Traversal

7.5

CVE-2015-5472

Jul 8, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Swim Team < 1.45.1085 - Directory Traversal

5.3

CVE-2015-5471

Jul 8, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

S3Bubble Cloud Video with Adverts and Analytics < 4.8 - Arbitrary File Download

7.5

CVE-2015-9463

Jul 7, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

WP eCommerce Shop Styling < 2.6 - Directory Traversal

7.5

CVE-2015-5468

Jul 5, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

S3 Bubble Amazon S3 HTML5 Video with Adverts <= 0.7 - Directory Traversal to Arbitrary File Access

7.5

CVE-2015-9464

Jul 5, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

MDC YouTube Downloader < 2.1.1 - Directory Traversal

7.5

CVE-2015-5469

Jul 2, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Image Export < 1.1.1 - Path Traversal

9.1

CVE-2015-5609

Jul 1, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Download ZIP Attachments <= 1.0 - Directory Traversal

7.5

CVE-2015-4704

Jun 26, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

WordPress Renaming Tool by Vlajo <= 1.0 - Path Traversal

7.5

CVE-2015-4703

Jun 12, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Zip Attachments <= 1.5 - Directory Traversal

8.6

CVE-2015-4694

Jun 12, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N

PayPal Currency Converter BASIC for WooCommerce <= 1.3 - Path Traversal to Arbitrary File Read

5.3

CVE-2015-5065

Jun 10, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Easy2Map <= 1.2.4 - Directory Traversal

6.5

CVE-2015-4616

Jun 8, 2015

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Easy2map-photos <= 1.0.9 - Path Traversal

5.3

CVE-2015-4617

Jun 8, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

SE HTML5 Album Audio Player <= 1.1.0 - Directory Traversal

9.8

CVE-2015-4414

Jun 6, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Simple Backup <= 2.7.10 - Arbitrary File Download via Path Traversal

7.5

CVE ID Unknown

May 19, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

My Calendar <= 2.3.29 - Path Traversal to Remote Code Execution

9.8

CVE ID Unknown

May 15, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

TheCartPress eCommerce Shopping Cart <= 1.5.3.6 - Directory Traversal

4.9

CVE-2015-3301

Apr 29, 2015

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

WP-Mon <= 0.5.1 - Arbitrary File Download

7.5

CVE ID Unknown

Apr 16, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Crayon Syntax Highlighter <= 2.6.10 - Directory Traversal

6.5

CVE ID Unknown

Apr 14, 2015

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

S3 Bubble Amazon S3 HTML5 Video with Adverts <= 2.0 - Arbitrary File Download

7.5

CVE ID Unknown

Apr 7, 2015

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Title	CVE ID	CVSS	Vector	Date
IBS Mappro < 1.0 - Directory Traversal	CVE-2015-5472	7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	July 8, 2015
Swim Team < 1.45.1085 - Directory Traversal	CVE-2015-5471	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N	July 8, 2015
S3Bubble Cloud Video with Adverts and Analytics < 4.8 - Arbitrary File Download	CVE-2015-9463	7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	July 7, 2015
WP eCommerce Shop Styling < 2.6 - Directory Traversal	CVE-2015-5468	7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	July 5, 2015
S3 Bubble Amazon S3 HTML5 Video with Adverts <= 0.7 - Directory Traversal to Arbitrary File Access	CVE-2015-9464	7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	July 5, 2015
MDC YouTube Downloader < 2.1.1 - Directory Traversal	CVE-2015-5469	7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	July 2, 2015
Image Export < 1.1.1 - Path Traversal	CVE-2015-5609	9.1	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N	July 1, 2015
Download ZIP Attachments <= 1.0 - Directory Traversal	CVE-2015-4704	7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	June 26, 2015
WordPress Renaming Tool by Vlajo <= 1.0 - Path Traversal	CVE-2015-4703	7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	June 12, 2015
Zip Attachments <= 1.5 - Directory Traversal	CVE-2015-4694	8.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N	June 12, 2015
PayPal Currency Converter BASIC for WooCommerce <= 1.3 - Path Traversal to Arbitrary File Read	CVE-2015-5065	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N	June 10, 2015
Easy2Map <= 1.2.4 - Directory Traversal	CVE-2015-4616	6.5	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N	June 8, 2015
Easy2map-photos <= 1.0.9 - Path Traversal	CVE-2015-4617	5.3	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	June 8, 2015
SE HTML5 Album Audio Player <= 1.1.0 - Directory Traversal	CVE-2015-4414	9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	June 6, 2015
Simple Backup <= 2.7.10 - Arbitrary File Download via Path Traversal		7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	May 19, 2015
My Calendar <= 2.3.29 - Path Traversal to Remote Code Execution		9.8	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H	May 15, 2015
TheCartPress eCommerce Shopping Cart <= 1.5.3.6 - Directory Traversal	CVE-2015-3301	4.9	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N	April 29, 2015
WP-Mon <= 0.5.1 - Arbitrary File Download		7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	April 16, 2015
Crayon Syntax Highlighter <= 2.6.10 - Directory Traversal		6.5	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N	April 14, 2015
S3 Bubble Amazon S3 HTML5 Video with Adverts <= 2.0 - Arbitrary File Download		7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N	April 7, 2015

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation