2 matches found
CVE-2021-25059
The Download Plugin WordPress plugin before 2.0.0 does not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site such as subscriber to download a full copy of the website...
CVE-2021-25059 Download Plugin < 2.0.0 - Subscriber+ Website Download
The Download Plugin WordPress plugin before 2.0.0 does not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site such as subscriber to download a full copy of the website...