Wp-downloadmanager_project Wp-downloadmanager

6 CVEs affecting Wp-downloadmanager_project Wp-downloadmanager. Latest disclosed: 2025-06-11. Critical: 0, High: 1.

Top CVEs affecting Wp-downloadmanager_project Wp-downloadmanager
CVESeverityScorePublishedSummary
CVE-2025-4799High7.22025-06-11The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on the directory a file can be deleted from in…
CVE-2020-24141Medium5.32021-07-07Server-side request forgery in the WP-DownloadManager plugin 1.68.4 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerab…
CVE-2025-4798Medium4.92025-06-11The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restri…
CVE-2022-25606Medium4.82022-03-25Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). Vulnerable par…
CVE-2022-25605Medium4.82022-03-18Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). Vvulnerable pa…
CVE-2021-44760Medium4.82022-03-18Auth. (admin+) Reflected Cross-Site Scripting (XSS) vulnerability discovered in WP-DownloadManager plugin <= 1.68.6 versions.