ReportizFlow
Filtered by vendor Wpdownloadmanager
Subscriptions
Filtered by product Wordpress Download Manager
Subscriptions
Total
24 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-20093 | 1 Wpdownloadmanager | 1 Wordpress Download Manager | 2024-11-21 | 4.3 Medium |
| A vulnerability, which was classified as problematic, was found in Download Manager Plugin 2.8.99. Affected is an unknown function. The manipulation leads to cross-site request forgery. It is possible to launch the attack remotely. | ||||
| CVE-2017-18032 | 1 Wpdownloadmanager | 1 Wordpress Download Manager | 2024-11-21 | N/A |
| The download-manager plugin before 2.9.52 for WordPress has XSS via the id parameter in a wpdm_generate_password action to wp-admin/admin-ajax.php. | ||||
| CVE-2014-8585 | 1 Wpdownloadmanager | 1 Wordpress Download Manager | 2024-11-21 | N/A |
| Directory traversal vulnerability in the WordPress Download Manager plugin for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the fname parameter to (1) views/file_download.php or (2) file_download.php. | ||||
| CVE-2013-7319 | 1 Wpdownloadmanager | 1 Wordpress Download Manager | 2024-11-21 | N/A |
| Cross-site scripting (XSS) vulnerability in the Download Manager plugin before 2.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the title field. | ||||