Download Manager Broken Access Controls, File Password Bypass
| Title | Published | Family |
|---|---|---|
| Download Manager < 3.2.71 - Broken Access Controls | 8 May 2023 00:00 | wpvulndb |
| CVE-2023-1524 | 30 May 2023 08:15 | nvd |
| CVE-2023-1524 | 30 May 2023 08:15 | cve |
| WordPress Download Manager Plugin < 3.2.71 Improper Access Control Vulnerability | 5 Jun 2023 00:00 | openvas |
| WordPress Download Manager Plugin < 3.2.71 is vulnerable to Broken Access Control | 30 May 2023 00:00 | patchstack |
| Default credentials | 30 May 2023 08:15 | prion |
| CVE-2023-1524 Download Manager < 3.2.71 - Broken Access Controls | 30 May 2023 07:49 | cvelist |
| CVE-2023-1524 Download Manager < 3.2.71 - Broken Access Controls | 30 May 2023 07:49 | vulnrichment |
| Wordfence Intelligence Weekly WordPress Vulnerability Report (May 8, 2023 to May 14, 2023) | 18 May 2023 12:45 | wordfence |

- Create two password-protected files with different passwords. Note the post ID for each file.
- Navigate to the download page for one of the files. E.g. `<host>/download/password_protected_file_1/`
- Click the "Download" button and enter the password.
- The modal will have a new Download button. Click this one, and intercept the request.
- Change the `wpdmdl` URL parameter to the ID of the other file.
- See that the other file is downloaded without using its password.
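
The steps above imply that the unlock granted after a correct password is not tied to the file it was granted for. The sketch below is an added example, not the plugin's code: a plain-PHP model in which the file IDs, passwords, `SECRET` and every function name are hypothetical, showing a check that ignores the requested ID beside one that binds the unlock token to it.

```php
<?php
// Model only: IDs, passwords, SECRET and function names are hypothetical.
const SECRET = 'constructed-demo-key'; // assumption: server-side secret

// Constructed sample data: two protected files keyed by post ID.
$files = [
    101 => password_hash('alpha-pass', PASSWORD_DEFAULT),
    102 => password_hash('bravo-pass', PASSWORD_DEFAULT),
];

// Issue a token only after the password for this specific file verifies.
function issue_token(array $files, int $id, string $password, int $ttl = 300): ?string {
    if (!isset($files[$id]) || !password_verify($password, $files[$id])) {
        return null;
    }
    $exp = time() + $ttl;
    return "$id.$exp." . hash_hmac('sha256', "$id|$exp", SECRET);
}

// Return the file ID a token was issued for, or null if forged or expired.
function token_file_id(string $token): ?int {
    $parts = explode('.', $token);
    if (count($parts) !== 3 || !ctype_digit($parts[0]) || !ctype_digit($parts[1])) {
        return null;
    }
    [$id, $exp, $mac] = $parts;
    $expected = hash_hmac('sha256', "$id|$exp", SECRET);
    if (!hash_equals($expected, $mac) || (int) $exp < time()) {
        return null;
    }
    return (int) $id;
}

// Weak: accepts any valid token, never compares it with the requested file.
function authorize_unbound(string $token, int $requested): bool {
    return token_file_id($token) !== null;
}

// Hardened: the token must have been issued for the file being requested.
function authorize_bound(string $token, int $requested): bool {
    return token_file_id($token) === $requested;
}

$token = issue_token($files, 101, 'alpha-pass');   // password for file 101 only
var_dump(issue_token($files, 102, 'alpha-pass'));  // wrong password for 102
var_dump(authorize_unbound($token, 102));          // weak check, other file
var_dump(authorize_bound($token, 102));            // bound check, other file
var_dump(authorize_bound($token, 101));            // bound check, same file
```

With the bound check, a request whose `wpdmdl` value was changed after unlocking a different file is rejected, because the ID inside the token no longer matches the ID requested.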