Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:48 a.m.9 views

CVE-2023-6785

The Download Manager plugin for WordPress is vulnerable to unauthorized file download of files added via the plugin in all versions up to, and including, 3.2.84. This makes it possible for unauthenticated attackers to download files added with the plugin even when privately published...

5.3CVSS6.8AI score0.00546EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/13 3:26 p.m.36 views

CVE-2023-6785 Download Manager <= 3.2.84 - Missing Authorization

The Download Manager plugin for WordPress is vulnerable to unauthorized file download of files added via the plugin in all versions up to, and including, 3.2.84. This makes it possible for unauthenticated attackers to download files added with the plugin even when privately published...

5.3CVSS5.4AI score0.00546EPSS
Exploits0References2
CVE
CVE
added 2024/03/13 3:26 p.m.79 views

CVE-2023-6785

CVE-2023-6785 affects the Download Manager plugin for WordPress (versions up to and including 3.2.84). The vulnerability allows unauthorized (unauthenticated) users to download files added via the plugin, even if privately published. Root cause details are not provided in the initial description....

5.3CVSS5.5AI score0.00546EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2024/02/28 12:0 a.m.20 views

WordPress Download Manager Plugin <= 3.2.84 is vulnerable to Broken Access Control

Software Download Manager Type Plugin Vulnerable versions = 3.2.84 Fixed in 3.2.85 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-6785 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 049e661b5aa7 Credits wesley wcraft Required...

5.3CVSS6.5AI score0.00546EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder