Download Manager Security Vulnerabilities and Issues — Download Manager CVE List

Lucene search

W3edenDownload Manager

4 matches found

CVE•added 2021/08/05 9:15 p.m.•67 views

CVE-2021-34639

Authenticated File Upload in WordPress Download Manager

8.8CVSS8AI score0.00143EPSS

CVE•added 2021/08/05 9:15 p.m.•62 views

CVE-2021-34638

Authenticated Directory Traversal in WordPress Download Manager

6.5CVSS6.1AI score0.00775EPSS

CVE•added 2021/12/27 11:15 a.m.•45 views

CVE-2021-24969

The WordPress Download Manager WordPress plugin before 3.2.22 does not sanitise and escape Template data before outputting it in various pages (such as admin dashboard and frontend). Due to the lack of authorisation and CSRF checks in the wpdm_save_template AJAX action, any authenticated users such...

5.4CVSS5.2AI score0.00208EPSS

CVE•added 2021/11/01 9:15 a.m.•38 views

CVE-2021-24773

The WordPress Download Manager WordPress plugin before 3.2.16 does not escape some of the Download settings when outputting them, allowing high privilege users to perform XSS attacks even when the unfiltered_html capability is disallowed

4.8CVSS4.7AI score0.00206EPSS