Latest high severity vulnerabilities for vendor "wpdownloadmanager"

Filter

AND

Sort:

Software

wpdownloadmanager download manager

WordPress Download Manager Premium PackagesThe Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to privileg…

high

8.8

First published (updated )

CVE-2023-4293

WP Download ManagerDownload Manager Pro < 6.3.0 - Unauthenticated Sensitive Information Disclosure

high

7.5

First published (updated )

CVE-2023-1809

WP Download ManagerDownload Manager <= 3.3.03 - Unauthenticated Arbitrary Shortcode Execution

high

7.3

First published (updated )

CVE-2024-11740

WP Download ManagerWordPress Download Manager Plugin <= 3.2.59 is vulnerable to Cross Site Scripting (XSS)

high

7.1

First published (updated )

CVE-2022-45836

WordPress Download Manager Premium PackagesWordPress Premium Packages – Sell Digital Products Securely plugin <= 5.9.3 - SQL Injection vulnerability

high

7.6

First published (updated )

CVE-2024-52435

Never miss a vulnerability like this again

WordPress Download ManagerWordPress Download Manager plugin <= 3.2.48 - Cross-Site Request Forgery (CSRF) vulnerability

high

8.8

First published (updated )

CVE-2022-34347

WordPress Download ManagerWordPress Download Manager plugin <= 3.2.48 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities

high

8.8

First published (updated )

CVE-2022-36288

WordPress Download ManagerWordPress Download Manager <= 3.1.24 Authenticated Arbitrary File Upload

high

8.8

First published (updated )

CVE-2021-34639

WP Download ManagerWordPress Download Manager < 3.2.34 - Authenticated SQL Injection to Reflected XSS

high

8.8

First published (updated )

CVE-2021-25069

WordPress Download ManagerWordpress Download Manager < 3.2.25 - Sensitive Information Disclosure

high

7.5

First published (updated )

CVE-2021-25087

Never miss a vulnerability like this again

WordPress Download ManagerThe Download Manager plugin for WordPress is vulnerable to deserialization of untrusted input via th…

high

8.8

First published (updated )

CVE-2022-2436

WordPress Download ManagerDownload Manager <= 3.2.50 - Authenticated (Contributor+) Arbitrary File Deletion

high

8.8

First published (updated )

CVE-2022-2431

WordPress Download ManagerDownload Manager < 3.2.50 - Bypass IP Address Blocking Restriction

high

7.5

First published (updated )

CVE-2022-2362

WordPress Download ManagerDownload Manager < 3.2.39 - Unauthenticated brute force of files master key

high

7.5

First published (updated )

CVE-2022-0828

WordPress Download ManagerDownload Manager < 3.2.83 - Unauthenticated Protected File Download Password Leak

high

7.5

EPSS

0.08%

First published (updated )

CVE-2023-6421

Never miss a vulnerability like this again

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.