Lucene search
W3edenDownload Manager
4 matches found
CVE-2022-36288
Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in W3 Eden Download Manager plugin
8.8CVSS7.4AI score0.0005EPSS
CVE-2022-34347
Cross-Site Request Forgery (CSRF) vulnerability in W3 Eden Download Manager plugin
8.8CVSS6.5AI score0.00071EPSS
CVE-2022-34658
Multiple Authenticated (contributor+) Persistent Cross-Site Scripting (XSS) vulnerabilities in W3 Eden Download Manager plugin
5.4CVSS5.5AI score0.00111EPSS
CVE-2022-2362
The Download Manager WordPress plugin before 3.2.50 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based download blocking restrictions.
7.5CVSS7.4AI score0.00386EPSS