The jQueryFileTree <1.6.6 plugin for Wordpress default settings fail to parse the user data causing a path traversal vulnerability. This allows an attacker to list all the filesnames of all readable ...