Gamerz Wp-downloadmanager

5 CVEs affecting Gamerz Wp-downloadmanager. Latest disclosed: 2026-02-18. Critical: 0, High: 2.

Top CVEs affecting Gamerz Wp-downloadmanager
CVESeverityScorePublishedSummary
CVE-2025-10747High7.22025-09-26The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the download-add.php file in all ver…
CVE-2025-4799High7.22025-06-11The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on the directory a file can be deleted from in…
CVE-2026-2426Medium6.52026-02-18The WP-DownloadManager plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.69 via the 'file' parameter in the file del…
CVE-2025-4798Medium4.92025-06-11The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restri…
CVE-2026-2419Low2.72026-02-18The WP-DownloadManager plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.69 via the 'download_path' configuration pa…