Description
WordPress Plugin IBS Mappro is prone to a vulnerability that lets attackers download arbitrary files because the application fails to sufficiently verify user-supplied input. This may allow an attacker to gain access to sensitive information, which may aid in launching further attacks. WordPress Plugin IBS Mappro version 0.6 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.0 or latest
References
http://www.vapidlabs.com/advisory.php?v=137
http://www.openwall.com/lists/oss-security/2015/07/09/11
Related Vulnerabilities
Django Uncontrolled Recursion Vulnerability (CVE-2019-14235)
WordPress Plugin gSlideShow Cross-Site Request Forgery (0.1)
WordPress Plugin WP Construction Mode Cross-Site Request Forgery (3.31)
WordPress Plugin Zotpress 'citation' Parameter Cross-Site Scripting (2.6.1)
WordPress Plugin WP Frontend Profile Multiple Vulnerabilities (0.2.1)