Описание
The Download Manager plugin for WordPress is vulnerable to unauthorized file download of files added via the plugin in all versions up to, and including, 3.2.84. This makes it possible for unauthenticated attackers to download files added with the plugin (even when privately published).
Ссылки
- Patch
- Third Party Advisory
- Patch
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 3.2.85 (исключая)
cpe:2.3:a:w3eden:download_manager:*:*:*:*:free:wordpress:*:*
EPSS
Процентиль: 60%
0.00391
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-862
Связанные уязвимости
CVSS3: 5.3
github
почти 2 года назад
The Download Manager plugin for WordPress is vulnerable to unauthorized file download of files added via the plugin in all versions up to, and including, 3.2.84. This makes it possible for unauthenticated attackers to download files added with the plugin (even when privately published).
EPSS
Процентиль: 60%
0.00391
Низкий
5.3 Medium
CVSS3
Дефекты
CWE-862