Description

The plugin lacks proper access controls and allows a logged-in user to view and download files belonging to another user.

As a logged-in user, send a GET request:

GET /wp-admin/admin-ajax.php?action=cdm_file_list&uid=3&pid=0&search=&_=1708406394720

(adjust the uid and pid values). You can view files and directories owned by other users by manipulating the uid and pid parameters. That information can then be leveraged to download the files.
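The root cause described above is missing object-level authorization in the admin-ajax handler: the owner id comes from the request instead of from the session. The following is an added example, not the plugin's own code, showing the vulnerable pattern beside a hardened one. Only the action name cdm_file_list and the uid/pid parameters come from the advisory; the function names, the nonce name and the cdm_get_user_files() helper with its constructed in-memory file table are assumptions used for illustration.

```php
<?php
// Added example, not the plugin's code. cdm_get_user_files(), the handler
// names and the nonce name are hypothetical; the file table is constructed.

// Constructed sample data: each entry is owner user id, parent folder id, name.
function cdm_get_user_files( $owner_id, $parent_id ) {
    $files = array(
        array( 'owner' => 2, 'parent' => 0, 'name' => 'invoice-2023.pdf' ),
        array( 'owner' => 3, 'parent' => 0, 'name' => 'contract.docx' ),
        array( 'owner' => 3, 'parent' => 7, 'name' => 'passport-scan.jpg' ),
    );
    // Scoping the query by owner AND parent means a manipulated pid cannot
    // reach into another user's folder tree.
    return array_values( array_filter( $files, function ( $f ) use ( $owner_id, $parent_id ) {
        return $f['owner'] === $owner_id && $f['parent'] === $parent_id;
    } ) );
}

// Vulnerable pattern: uid is trusted straight from the query string, so any
// authenticated user can enumerate another user's files by changing it.
function cdm_file_list_vulnerable() {
    $uid = isset( $_GET['uid'] ) ? absint( $_GET['uid'] ) : 0;
    $pid = isset( $_GET['pid'] ) ? absint( $_GET['pid'] ) : 0;
    wp_send_json_success( cdm_get_user_files( $uid, $pid ) );
}

// Hardened pattern: derive the owner from the session and only allow a
// different uid for users holding an administrative capability.
function cdm_file_list_hardened() {
    // wp_ajax_* hooks only fire for authenticated users; the nonce check
    // additionally blocks cross-site request forgery. Nonce name is assumed.
    check_ajax_referer( 'cdm_file_list', 'nonce' );

    $current   = get_current_user_id();
    $requested = isset( $_GET['uid'] ) ? absint( $_GET['uid'] ) : $current;
    $pid       = isset( $_GET['pid'] ) ? absint( $_GET['pid'] ) : 0;

    // Object-level authorization: a non-admin may only list their own files.
    if ( $requested !== $current && ! current_user_can( 'manage_options' ) ) {
        wp_send_json_error( array( 'message' => 'Forbidden.' ), 403 );
    }

    wp_send_json_success( cdm_get_user_files( $requested, $pid ) );
}
add_action( 'wp_ajax_cdm_file_list', 'cdm_file_list_hardened' );
```

The same ownership check must be applied to whatever endpoint serves the actual download, since the advisory notes the listing is only the first step; fixing the list action alone leaves files reachable by anyone who already knows their identifiers.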