Gamerz Wp-downloadmanager
5 CVEs affecting Gamerz Wp-downloadmanager. Latest disclosed: 2026-02-18. Critical: 0, High: 2.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-10747 | High | 7.2 | 2025-09-26 | The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the download-add.php file in all ver… |
CVE-2025-4799 | High | 7.2 | 2025-06-11 | The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on the directory a file can be deleted from in… |
CVE-2026-2426 | Medium | 6.5 | 2026-02-18 | The WP-DownloadManager plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.69 via the 'file' parameter in the file del… |
CVE-2025-4798 | Medium | 4.9 | 2025-06-11 | The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restri… |
CVE-2026-2419 | Low | 2.7 | 2026-02-18 | The WP-DownloadManager plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.69 via the 'download_path' configuration pa… |