Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory.Referenceshttps://wordpress.org/plugins/easy2map-photoshttp://www.vapidlabs.com/advisory.php?v=130
