WordPress Download Counter Button plugin <= 1.8.6.7 - Unauthenticated Arbitrary File Download vulnerability

Unauthenticated Arbitrary File Download vulnerability discovered by Khaled Alenazi Nxploited in WordPress Plugin Download Counter Button versions = 1.8.6.7...

CVE-2025-11072

The MelAbu WP Download Counter Button WordPress plugin through 1.8.6.7 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/download arbitrary files...

CVE-2025-11072 Download Counter Button <= 1.8.6.7 - Unauthenticated Arbitrary File Download

The MelAbu WP Download Counter Button WordPress plugin through 1.8.6.7 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/download arbitrary files...

CVE-2025-11072 Download Counter Button <= 1.8.6.7 - Unauthenticated Arbitrary File Download

The MelAbu WP Download Counter Button WordPress plugin through 1.8.6.7 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/download arbitrary files...

WordPress plugin MelAbu WP Download Counter Button 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...