Wp-downloadmanager Security Vulnerabilities and Issues — Wp-downloadmanager CVE List

Lucene search

Wp-downloadmanager ProjectWp-downloadmanager

1 matches found

CVE•added 2025/06/11 4:15 a.m.•45 views

CVE-2025-4798

The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator can select for storing downloads. This makes it possible for authenticated attackers, with Administr...

4.9CVSS5.7AI score0.00041EPSS