Urbanbase Z-downloads

3 CVEs affecting Urbanbase Z-downloads. Latest disclosed: 2025-05-15. Critical: 1, High: 1.

Top CVEs affecting Urbanbase Z-downloads
CVESeverityScorePublishedSummary
CVE-2024-8673Critical9.12025-05-15The Z-Downloads WordPress plugin before 1.11.7 does not properly validate uploaded files allowing for the uploading of SVGs containing malicious JavaScript.
CVE-2024-8699High7.22025-05-15The Z-Downloads WordPress plugin before 1.11.5 does not properly validate files uploaded, allowing high privilege users such as admin to upload arbitrary files…
CVE-2024-8703Medium6.12025-05-15The Z-Downloads WordPress plugin before 1.11.6 does not sanitise and escape some parameters when outputting them in the page, which could allow unauthenticated…