Cm Download Manager Security Vulnerabilities and Issues — Cm Download Manager CVE List

Lucene search

CmindsCm Download Manager

4 matches found

CVE•added 2024/03/25 5:15 a.m.•72 views

CVE-2024-1231

The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins unpublish downloads via a CSRF attack

6.8CVSS9.1AI score0.00063EPSS

CVE•added 2020/10/21 8:15 p.m.•39 views

CVE-2020-27344

The cm-download-manager plugin before 2.8.0 for WordPress allows XSS.

6.1CVSS6.3AI score0.0019EPSS

CVE•added 2014/12/05 3:59 p.m.•37 views

CVE-2014-9129

Cross-site request forgery (CSRF) vulnerability in the CreativeMinds CM Downloads Manager plugin before 2.0.7 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the addons_title parameter in the CMDM_...

6.8CVSS6.5AI score0.00262EPSS

CVE•added 2021/07/07 2:15 p.m.•31 views

CVE-2020-24145

Cross Site Scripting (XSS) vulnerability in the CM Download Manager (aka cm-download-manager) plugin 2.7.0 for WordPress allows remote attackers to inject arbitrary web script or HTML via a crafted deletescreenshot action.

6.1CVSS5.9AI score0.00511EPSS