3 matches found
CVE-2025-11072
The MelAbu WP Download Counter Button WordPress plugin through 1.8.6.7 does not validate the path of files to be downloaded, which could allow unauthenticated attacker to read/download arbitrary files...
CVE-2025-11072
CVE-2025-11072 concerns the MelAbu WP Download Counter Button WordPress plugin (versions up to 1.8.6.7). The issue is that the plugin does not validate the file path for downloads, which could allow an unauthenticated attacker to read/download arbitrary files. In public disclosures, Patchstack an...
WordPress plugin MelAbu WP Download Counter Button 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...