3 matches found
CVE-2022-2357
The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php...
CVE-2022-2357
The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php...
CVE-2022-2357
The CVE-2022-2357 entry concerns the WordPress WSM Downloader plugin (versions 1.4.0 and earlier). The vulnerability resides in the plugin’s remote file download feature, enabling unauthenticated access to download local files (including wp-config.php). This is an unauthenticated arbitrary-file-d...