Lucene search
+L

6 matches found

redhatcve
redhatcve
added 2025/02/05 2:11 a.m.19 views

CVE-2024-2098

The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check on the 'protectMediaLibrary' function in all versions up to, and including, 3.2.89. This makes it possible for unauthenticated attackers to download password-protected fil...

7.5CVSS6.8AI score0.00454EPSS
Exploits0References1
nvd
nvd
added 2024/06/13 6:15 a.m.42 views

CVE-2024-2098

The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check on the 'protectMediaLibrary' function in all versions up to, and including, 3.2.89. This makes it possible for unauthenticated attackers to download password-protected fil...

7.5CVSS0.00454EPSS
Exploits0References2
cve
cve
added 2024/06/13 5:34 a.m.76 views

CVE-2024-2098

CVE-2024-2098 affects the WordPress Download Manager plugin. The flaw is an improper authorization check in protectMediaLibrary, impacting all versions up to and including 3.2.89 and enables unauthenticated attackers to download password‑protected files. A fixed release exists (3.2.90) per Patchs...

7.5CVSS7.5AI score0.00454EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2024/06/13 5:34 a.m.18 views

CVE-2024-2098 Download Manager <= 3.2.89 - Improper Authorization via protectMediaLibrary

The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check on the 'protectMediaLibrary' function in all versions up to, and including, 3.2.89. This makes it possible for unauthenticated attackers to download password-protected fil...

7.5CVSS6.8AI score0.00454EPSS
Exploits0References2
cvelist
cvelist
added 2024/06/13 5:34 a.m.42 views

CVE-2024-2098 Download Manager <= 3.2.89 - Improper Authorization via protectMediaLibrary

The Download Manager plugin for WordPress is vulnerable to unauthorized access of data due to an improper authorization check on the 'protectMediaLibrary' function in all versions up to, and including, 3.2.89. This makes it possible for unauthenticated attackers to download password-protected fil...

7.5CVSS0.00454EPSS
Exploits0References2
patchstack
patchstack
added 2024/06/12 12:0 a.m.10 views

WordPress Download Manager Plugin <= 3.2.89 is vulnerable to Broken Access Control

Software Download Manager Type Plugin Vulnerable versions = 3.2.89 Fixed in 3.2.90 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-2098 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 9cdd3cc02fc0 Credits m1tz Required privilege...

7.5CVSS6.6AI score0.00454EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder