Westerndeal Advanced Dewplayer vulnerabilities
2 known vulnerabilities affecting westerndeal/advanced_dewplayer.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2013-7240P3MEDIUMCVSS 5.0PoCv1.22014-01-03
CVE-2013-7240 [MEDIUM] CWE-22 CVE-2013-7240: Directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for Word
Directory traversal vulnerability in download-file.php in the Advanced Dewplayer plugin 1.2 for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the dew_file parameter.
nvd
CVE-2025-30592P4MEDIUMCVSS 5.3≤ 1.62025-03-24
CVE-2025-30592 [MEDIUM] CWE-862 CVE-2025-30592: Missing Authorization vulnerability in WesternDeal Advanced Dewplayer advanced-dewplayer allows Expl
Missing Authorization vulnerability in WesternDeal Advanced Dewplayer advanced-dewplayer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Dewplayer: from n/a through <= 1.6.
nvd