### [CVE-2021-39316](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39316)
![](https://img.shields.io/static/v1?label=Product&message=ZoomSounds%20-%20WordPress%20Wave%20Audio%20Player%20with%20Playlist&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=6.45%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-22%20Improper%20Limitation%20of%20a%20Pathname%20to%20a%20Restricted%20Directory%20('Path%20Traversal')&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-552%20Files%20or%20Directories%20Accessible%20to%20External%20Parties&color=brightgreen)

### Description

The Zoomsounds plugin <= 6.45 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the `dzsap_download` action using directory traversal in the `link` parameter.

### POC

#### Reference
- http://packetstormsecurity.com/files/165146/WordPress-DZS-Zoomsounds-6.45-Arbitrary-File-Read.html

#### Github
- https://github.com/20142995/nuclei-templates
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/HimmelAward/Goby_POC
- https://github.com/NyxAzrael/Goby_POC
- https://github.com/UrielYochpaz/Exploit-WordPress-Plugin-DZS-Zoomsounds
- https://github.com/Z0fhack/Goby_POC
- https://github.com/anggoroexe/Mass_CVE-2021-39316
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/soosmile/POC