Description
WordPress Plugin MiwoFTP-File & Folder Manager is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. This may allow an attacker to gain access to sensitive information, which may aid in launching further attacks. WordPress Plugin MiwoFTP-File & Folder Manager version 1.0.5 is vulnerable; other versions may also be affected.
Remediation
Edit the source code to ensure that input is properly verified or disable the plugin until a fix is available
References
Related Vulnerabilities
Python Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2183)
WordPress Plugin Yakadanda Google+ Hangout Events Cross-Site Scripting (0.3.7)
Apache Tomcat CVE-2012-5568 Vulnerability (CVE-2012-5568)
Oracle Database Server CVE-2010-0911 Vulnerability (CVE-2010-0911)
Squid Improper Input Validation Vulnerability (CVE-2014-0128)