Wp-downloadmanager@* Security Vulnerabilities and Issues — Wp-downloadmanager@* CVE List

Lucene search

Wp-downloadmanager ProjectWp-downloadmanager*

5 matches found

CVE•added 2022/03/25 7:15 p.m.•101 views

CVE-2022-25606

Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions

5.4CVSS5.3AI score0.00166EPSS

CVE•added 2022/03/18 6:15 p.m.•88 views

CVE-2022-25605

Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions

5.4CVSS5.3AI score0.00182EPSS

CVE•added 2022/03/18 6:15 p.m.•76 views

CVE-2021-44760

Auth. (admin+) Reflected Cross-Site Scripting (XSS) vulnerability discovered in WP-DownloadManager plugin

5.4CVSS5.1AI score0.00167EPSS

CVE•added 2025/06/11 4:15 a.m.•49 views

CVE-2025-4799

The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on the directory a file can be deleted from in all versions up to, and including, 1.68.10. This makes it possible for authenticated attackers, with Administrator-level access and above, t...

7.2CVSS5.8AI score0.00897EPSS

CVE•added 2025/06/11 4:15 a.m.•44 views

CVE-2025-4798

The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator can select for storing downloads. This makes it possible for authenticated attackers, with Administr...

4.9CVSS5.7AI score0.00041EPSS