wp-plugin : youtubefreedown

Plugin Details
Plugin Name: wp-plugin : youtubefreedown
Effected Version : 1 (and most probably lower version's if any)
Vulnerability : Components with Known Vulnerabilities
Identified by : prajalkulkarni
WPScan Reference URL

Technical Details
Minimum Level of Access Required : Unauthenticated
PoC - (Proof of Concept) :

http://127.0.0.1/wordpress/wp-content/youtubefreedown/player.swf?file=http://nmap.org/images/sitelogo.png


Disclosure Timeline
Vendor Contacted : 2013-12-27
Plugin Status : Updated on 2014-01-11
Public Disclosure : May 25, 2014
CVE Number :
Plugin Description :
[| This plugin allow you to search your favorite video from http://youtube.com You can watch the video embended in your site. You can download the video that you have searched from http://youtube.com. You can download the video directly from http://youtube.com at your pc. Js and Css files are loaded into the header only if really necessary. Many features not implemented yet will be developed soon... new sites will be supported soon ..... New feature requests and bug tracks are accepted by plugins forum. ]