CVE-2015-1579 Information

Description

Directory traversal vulnerability in the Elegant Themes Divi theme for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the img parameter in a revslider_show_image action to wp-admin/admin-ajax.php. NOTE: this vulnerability may be a duplicate of CVE-2014-9734.

Reference

http://www.exploit-db.com/exploits/36039 https://wpvulndb.com/vulnerabilities/7540