Download Manager Security Vulnerabilities and Issues — Download Manager CVE List

Lucene search

W3edenDownload Manager

3 matches found

CVE•added 2024/03/19 3:15 p.m.•59 views

CVE-2024-29114

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in W3 Eden, Inc. Download Manager allows Stored XSS.This issue affects Download Manager: from n/a through 3.2.84.

6.5CVSS6.7AI score0.0006EPSS

CVE•added 2024/03/13 4:15 p.m.•57 views

CVE-2023-6785

The Download Manager plugin for WordPress is vulnerable to unauthorized file download of files added via the plugin in all versions up to, and including, 3.2.84. This makes it possible for unauthenticated attackers to download files added with the plugin (even when privately published).

5.3CVSS5.5AI score0.00288EPSS

CVE•added 2024/03/13 4:15 p.m.•36 views

CVE-2023-6954

The Download Manager Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 3.2.85 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated atta...

6.4CVSS6AI score0.00127EPSS