CVE-2016-10966

The real3d-flipbook-lite plugin 1.0 for WordPress has bookName=../ directory traversal for file upload.
Source: NIST
CVE-2016-10966