6 matches found
CVE-2024-2098
The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check on the 'protectMediaLibrary' function in all versions up to, and including, 3.2.89. This makes it possible for unauthenticated attackers to download password-protected fil...
CVE-2024-2098
The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check on the 'protectMediaLibrary' function in all versions up to, and including, 3.2.89. This makes it possible for unauthenticated attackers to download password-protected fil...
CVE-2024-2098
CVE-2024-2098 affects the WordPress Download Manager plugin. The flaw is an improper authorization check in protectMediaLibrary, impacting all versions up to and including 3.2.89 and enables unauthenticated attackers to download password‑protected files. A fixed release exists (3.2.90) per Patchs...
CVE-2024-2098 Download Manager <= 3.2.89 - Improper Authorization via protectMediaLibrary
The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check on the 'protectMediaLibrary' function in all versions up to, and including, 3.2.89. This makes it possible for unauthenticated attackers to download password-protected fil...
CVE-2024-2098 Download Manager <= 3.2.89 - Improper Authorization via protectMediaLibrary
The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check on the 'protectMediaLibrary' function in all versions up to, and including, 3.2.89. This makes it possible for unauthenticated attackers to download password-protected fil...
WordPress Download Manager Plugin <= 3.2.89 is vulnerable to Broken Access Control
Software Download Manager Type Plugin Vulnerable versions = 3.2.89 Fixed in 3.2.90 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-2098 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 9cdd3cc02fc0 Credits m1tz Required privilege...