7 matches found
CVE-2025-68850 WordPress Sell Downloads plugin <= 1.1.12 - Broken Access Control vulnerability
Missing Authorization vulnerability in Codepeople Sell Downloads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sell Downloads: from n/a through 1.1.12...
CVE-2015-9348
The sell-downloads plugin before 1.0.8 for WordPress has insufficient restrictions on brute-force guessing of purchase IDs...
CVE-2015-9348
The sell-downloads plugin before 1.0.8 for WordPress has insufficient restrictions on brute-force guessing of purchase IDs...
Design/Logic Flaw
The sell-downloads plugin before 1.0.8 for WordPress has insufficient restrictions on brute-force guessing of purchase IDs...
CVE-2015-9348
CVE-2015-9348 affects the WordPress Sell Downloads plugin prior to version 1.0.8. The vulnerability arises from insufficient restrictions on brute-force guessing of purchase IDs, enabling an attacker to obtain purchase IDs. Multiple connected sources (Red Hat, CNVD, WPVulndb, NVD) corroborate thi...
CVE-2015-9348
The sell-downloads plugin before 1.0.8 for WordPress has insufficient restrictions on brute-force guessing of purchase IDs...
WordPress Sell Downloads Plugin <= 1.0.1 - Arbitrary File Disclosure
Because of this vulnerability, attackers can download arbitrary files from site, under the context of the web server. Solution Upgrade the plugin...