### [CVE-2015-4617](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4617)
![](https://img.shields.io/static/v1?label=Product&message=Easy2map-photos%20WordPress%20Plugin&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=1.09%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Path%20traversal%20in%20easy2map-photos%20wordpress%20plugin%20v1.09&color=brightgreen)

### Description

Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/20142995/nuclei-templates