CVE-2023-6421 – Download Manager < 3.2.83 - Unauthenticated Protected File Download Password Leak
https://notcve.org/view.php?id=CVE-2023-6421
29 Nov 2023 — The Download Manager WordPress plugin before 3.2.83 does not protect the passwords of protected file downloads, leaking the configured password when an invalid one is submitted. The Download Manager plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 3.2.82. This is due to the plugin leaking the password to a protected file when it receives an invalid ... • https://github.com/RandomRobbieBF/CVE-2023-6421 • CWE-522: Insufficiently Protected Credentials CWE-863: Incorrect Authorization •
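The entry above describes the failure mode only in one sentence: a wrong password yields a response that carries the right one. The following is an added example, not the plugin's code or the PoC linked above. It models a leaky password check beside a hardened one and gives the probe a practitioner would run against their own install (here in-process; against a live site the same probe is one HTTP request with a deliberately wrong password). The handler names, response shape and the sample password are constructed for the illustration.

```python
"""Added example (not Download Manager's code): a protected-file password
check that leaks the credential on failure, a hardened check, and a probe
that detects the leak. All names and values here are constructed."""
import hmac

# Constructed sample: the password set on a protected package.
PACKAGE_PASSWORD = "s3cr3t-launch-2023"


def vulnerable_download(password_submitted: str) -> dict:
    """Leaky check: the error branch echoes the expected password back.

    This is the CWE-522 pattern: a server-side secret lands in a response
    that an unauthenticated client can trigger at will."""
    if password_submitted == PACKAGE_PASSWORD:
        return {"status": 200, "body": "<binary file contents>"}
    return {"status": 403, "body": f"Wrong password: {PACKAGE_PASSWORD}"}


def hardened_download(password_submitted: str) -> dict:
    """Constant-time comparison and a generic error carrying no secret."""
    if hmac.compare_digest(password_submitted.encode(), PACKAGE_PASSWORD.encode()):
        return {"status": 200, "body": "<binary file contents>"}
    return {"status": 403, "body": "Invalid password"}


def leaks_password(handler, real_password: str, probe: str = "definitely-wrong") -> bool:
    """Probe: submit a wrong password and look for the real one in the reply.

    Run this with a password you set yourself. True means an anonymous
    client learns the protected file's password from a single failed try."""
    resp = handler(probe)
    if resp["status"] == 200:
        raise AssertionError("the probe password must not unlock the file")
    return real_password in resp["body"]


if __name__ == "__main__":
    print("vulnerable handler leaks:", leaks_password(vulnerable_download, PACKAGE_PASSWORD))
    print("hardened handler leaks:  ", leaks_password(hardened_download, PACKAGE_PASSWORD))
```

The probe only needs the password you configured and one failed request; it does not need to know how the leak is formatted, because it searches the whole response body.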
CVE-2023-2305 – Download Manager <= 3.2.70 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
https://notcve.org/view.php?id=CVE-2023-2305
12 May 2023 — The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpdm_members', 'wpdm_login_form' and 'wpdm_reg_form' shortcodes in versions up to, and including, 3.2.70 due to insufficient input sanitization and output escaping of user-supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. W3 Eden Download Manager ver... • https://packetstorm.news/files/id/172477 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-4476 – Download Manager < 3.2.62 - Contributor+ Stored XSS
https://notcve.org/view.php?id=CVE-2022-4476
20 Dec 2022 — The Download Manager WordPress plugin before 3.2.62 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks against logged-in admins. • https://wpscan.com/vulnerability/856cac0f-2526-4978-acad-d6d82a0bec45 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-2436 – Download Manager <= 3.2.49 - Authenticated (Contributor+) PHAR Deserialization
https://notcve.org/view.php?id=CVE-2022-2436
17 Aug 2022 — The Download Manager plugin for WordPress is vulnerable to deserialization of untrusted input via the 'file[package_dir]' parameter in versions up to, and including, 3.2.49. This makes it possible for authenticated attackers with contributor privileges and above to reference files through a PHAR wrapper; PHP deserializes the archive's metadata on access and instantiates arbitrary PHP objects, which can be used to perform a variety of malicious actions provided a POP chain is also present. It also requires that the attacker is successful in uploa... • https://plugins.trac.wordpress.org/browser/download-manager/trunk/src/Admin/Menu/Packages.php#L68 • CWE-502: Deserialization of Untrusted Data •
CVE-2022-34347 – WordPress Download Manager plugin <= 3.2.48 - Cross-Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2022-34347
02 Aug 2022 — Cross-Site Request Forgery (CSRF) vulnerability in the W3 Eden Download Manager plugin <= 3.2.48 for WordPress. The Download Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.2.48. This is due to missing or incorrect nonce validation on the updateTemplateStatus function. This makes it possible for un... • https://patchstack.com/database/vulnerability/download-manager/wordpress-download-manager-plugin-3-2-48-cross-site-request-forgery-csrf-vulnerability • CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2022-36288 – WordPress Download Manager plugin <= 3.2.48 - Multiple Cross-Site Request Forgery (CSRF) vulnerabilities
https://notcve.org/view.php?id=CVE-2022-36288
02 Aug 2022 — Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in the W3 Eden Download Manager plugin <= 3.2.48 for WordPress. The Download Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.2.48. This is due to missing or incorrect nonce validation. This makes it possible for unauthenticated atta... • https://patchstack.com/database/vulnerability/download-manager/wordpress-download-manager-plugin-3-2-48-multiple-cross-site-request-forgery-csrf-vulnerabilities • CWE-352: Cross-Site Request Forgery (CSRF) •
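Both CSRF entries above (CVE-2022-34347 on updateTemplateStatus and CVE-2022-36288) come down to the same missing check: a state-changing handler that accepts any request carrying the victim's session cookie. The following added example is not the plugin's or WordPress's code; it is a Python model of an action- and user-bound nonce, loosely patterned on the nonce design WordPress offers plugins, shown beside a handler with and without the check. The secret key, user ids, action name, nonce parameter name and template store are constructed.

```python
"""Added example (not Download Manager's or WordPress's code): an HMAC nonce
bound to user, action and a time window, and a template-status handler
with and without nonce validation. All names and keys are constructed."""
import hashlib
import hmac
import time

SECRET_KEY = b"constructed-server-secret"  # stand-in for the site's salts
NONCE_LIFETIME = 12 * 3600                 # seconds a nonce stays valid


def _tick(now: float) -> int:
    """Time bucket. Nonces rotate every half lifetime and the previous
    bucket is still accepted, so a fresh nonce lives at least half a lifetime."""
    return int(now // (NONCE_LIFETIME / 2))


def _mac(tick: int, action: str, user_id: int) -> str:
    msg = f"{tick}|{action}|{user_id}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()[:16]


def create_nonce(user_id: int, action: str, now=None) -> str:
    now = time.time() if now is None else now
    return _mac(_tick(now), action, user_id)


def verify_nonce(nonce: str, user_id: int, action: str, now=None) -> bool:
    """Accept the current or the previous tick; compare in constant time.
    A nonce minted for another user or another action never matches."""
    now = time.time() if now is None else now
    return any(
        hmac.compare_digest(nonce, _mac(tick, action, user_id))
        for tick in (_tick(now), _tick(now) - 1)
    )


# Constructed template store that the handlers mutate.
TEMPLATES = {"tpl-1": {"active": False}}


def update_template_status_vulnerable(request: dict, user_id: int) -> str:
    """No nonce check: a request forged from an attacker's page succeeds
    because the browser attaches the victim's session cookie automatically."""
    TEMPLATES[request["template"]]["active"] = request["active"]
    return "updated"


def update_template_status_hardened(request: dict, user_id: int) -> str:
    """Requires a nonce minted for this user and this action before any
    write. A capability check for the user belongs here as well."""
    if not verify_nonce(request.get("nonce", ""), user_id, "update_template_status"):
        return "forbidden"
    TEMPLATES[request["template"]]["active"] = request["active"]
    return "updated"
```

The nonce is only as good as the action string it is bound to: reusing one generic action for every handler lets a nonce leaked from a harmless form authorize a destructive one.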
CVE-2022-2362 – Download Manager < 3.2.50 - Bypass IP Address Blocking Restriction
https://notcve.org/view.php?id=CVE-2022-2362
01 Aug 2022 — The Download Manager WordPress plugin before 3.2.50 prioritizes getting a visitor's IP from certain HTTP headers over PHP's REMOTE_ADDR, which makes it possible to bypass IP-based download blocking restrictions. The Download Manager plu... • https://wpscan.com/vulnerability/d94b721e-9ce2-45e5-a673-2a57b0137653 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') CWE-290: Authentication Bypass by Spoofing •
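The bypass above works because request headers are free text chosen by the client, while REMOTE_ADDR is filled in by the web server from the TCP connection. The following added example is not the plugin's code: it shows a resolver that prefers client-supplied headers (the pattern the entry describes), beside one that trusts X-Forwarded-For only when the connecting peer is a known proxy, and runs both through the same blocklist. The header names, addresses, blocklist and proxy ranges are constructed.

```python
"""Added example (not Download Manager's code): IP resolution that trusts
spoofable headers, a hardened resolver, and a blocklist check over both.
Addresses, header names and ranges are constructed for the illustration."""
import ipaddress

# Constructed: ranges the site owner has blocked from downloading.
BLOCKED = {ipaddress.ip_network("203.0.113.0/24")}
# Constructed: reverse proxies that legitimately append X-Forwarded-For.
TRUSTED_PROXIES = {ipaddress.ip_network("10.0.0.0/8")}
# Headers the vulnerable lookup consults before REMOTE_ADDR.
SPOOFABLE_HEADERS = ("HTTP_CLIENT_IP", "HTTP_X_FORWARDED_FOR", "HTTP_X_REAL_IP")


def _in(addr, nets) -> bool:
    return any(addr in net for net in nets)


def client_ip_vulnerable(server: dict) -> str:
    """Prefers whatever the client put in the headers; REMOTE_ADDR is the
    fallback. The leftmost X-Forwarded-For hop is attacker-chosen."""
    for name in SPOOFABLE_HEADERS:
        if server.get(name):
            return server[name].split(",")[0].strip()
    return server["REMOTE_ADDR"]


def client_ip_hardened(server: dict) -> str:
    """Uses REMOTE_ADDR unless the TCP peer is a trusted proxy. Behind a
    proxy, walk X-Forwarded-For from the right (the end our proxies append
    to) and stop at the first hop that is not one of ours."""
    peer = ipaddress.ip_address(server["REMOTE_ADDR"])
    if not _in(peer, TRUSTED_PROXIES):
        return str(peer)
    hops = [h.strip() for h in server.get("HTTP_X_FORWARDED_FOR", "").split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            addr = ipaddress.ip_address(hop)
        except ValueError:
            break  # garbage in the header: fall back to the peer address
        if not _in(addr, TRUSTED_PROXIES):
            return str(addr)
    return str(peer)


def is_blocked(ip: str) -> bool:
    return _in(ipaddress.ip_address(ip), BLOCKED)


def may_download(server: dict, resolver) -> bool:
    """Download gate as the plugin's blocklist feature would apply it."""
    return not is_blocked(resolver(server))


# Constructed request: a blocked client connects directly and forges the header.
FORGED = {"REMOTE_ADDR": "203.0.113.7", "HTTP_X_FORWARDED_FOR": "198.51.100.9"}
# Constructed request: the same client arriving through a trusted proxy.
VIA_PROXY = {"REMOTE_ADDR": "10.1.2.3", "HTTP_X_FORWARDED_FOR": "198.51.100.9, 203.0.113.7"}
```

The hardened resolver still needs the proxy list to be accurate; if it is empty, every request is judged by REMOTE_ADDR alone, which is the safe default for a site with no proxy in front of it.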
CVE-2022-2431 – Download Manager <= 3.2.50 - Authenticated (Contributor+) Arbitrary File Deletion
https://notcve.org/view.php?id=CVE-2022-2431
27 Jul 2022 — The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion in versions up to, and including, 3.2.50. This is due to insufficient file type and path validation in the deleteFiles() function found in the ~/Admin/Menu/Packages.php file, which triggers upon download post deletion. This makes it possible for contributor-level users and above to supply an arbitrary file path via the 'file[files]' parameter when creating a download post; once the user deletes the post, the supplied arbitrary... • https://packetstorm.news/files/id/167920 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-73: External Control of File Name or Path CWE-610: Externally Controlled Reference to a Resource in Another Sphere •
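This entry and the PHAR deserialization entry (CVE-2022-2436) share a root cause: a file reference supplied by a contributor is used as-is, so it may name a PHP stream wrapper such as phar:// or a path outside the upload directory. The following added example is not the plugin's code. It is one validator covering both cases, rejecting scheme prefixes and anything that resolves outside the upload root, shown beside a deletion routine without those checks. The directory layout and file names are constructed; the file standing in for wp-config.php is a temporary file.

```python
"""Added example (not Download Manager's code): a validator for user-supplied
file references that rejects stream wrappers and out-of-root paths, beside a
delete routine that lacks it. Layout and names are constructed."""
import os
import re
import shutil
import tempfile
from typing import List, Optional

# A scheme prefix ("phar:", "php:", "data:", ...) marks a stream wrapper,
# not a filesystem path. Drive letters on Windows also match; that is fine
# for a plugin that stores relative paths under its upload directory.
WRAPPER_RE = re.compile(r"^[a-zA-Z][a-zA-Z0-9+.-]*:")


def safe_path(upload_dir: str, user_path: str) -> Optional[str]:
    """Resolved path if it lies inside upload_dir, else None."""
    if not user_path or "\x00" in user_path or WRAPPER_RE.match(user_path):
        return None
    root = os.path.realpath(upload_dir)
    # Anchor relative input under the root, then collapse '..' and symlinks.
    # An absolute input replaces the root in join() and is caught below.
    candidate = os.path.realpath(os.path.join(root, user_path))
    if candidate == root or not candidate.startswith(root + os.sep):
        return None
    return candidate


def delete_files_vulnerable(file_list: List[str]) -> List[str]:
    """Deletes whatever paths were stored with the post; no origin check."""
    deleted = []
    for p in file_list:
        if os.path.isfile(p):
            os.unlink(p)
            deleted.append(p)
    return deleted


def delete_files_hardened(upload_dir: str, file_list: List[str]) -> List[str]:
    """Only touches files the validator places inside the upload directory."""
    deleted = []
    for p in file_list:
        resolved = safe_path(upload_dir, p)
        if resolved and os.path.isfile(resolved):
            os.unlink(resolved)
            deleted.append(resolved)
    return deleted


def demo() -> dict:
    """Constructed scenario: an upload dir with one package, and a file outside
    it (standing in for wp-config.php) that a contributor must not be able to
    remove or address through a wrapper."""
    base = tempfile.mkdtemp()
    try:
        uploads = os.path.join(base, "uploads")
        os.makedirs(uploads)
        pkg = os.path.join(uploads, "pkg.zip")
        with open(pkg, "w") as f:
            f.write("zip")
        target = os.path.join(base, "wp-config.php")
        with open(target, "w") as f:
            f.write("<?php")
        wrapper = "phar://" + pkg + "/x"
        return {
            "wrapper_rejected": safe_path(uploads, wrapper) is None,
            "traversal_rejected": safe_path(uploads, "../wp-config.php") is None,
            "absolute_outside_rejected": safe_path(uploads, target) is None,
            "inside_allowed": safe_path(uploads, "pkg.zip") == os.path.realpath(pkg),
            "hardened_spares_config": delete_files_hardened(uploads, [target]) == [],
            "vulnerable_deletes_config": delete_files_vulnerable([target]) == [target],
        }
    finally:
        shutil.rmtree(base, ignore_errors=True)


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```

Rejecting the wrapper at validation time matters because the deserialization in the PHAR case happens on any filesystem call against the path, not only on include; a later file_exists() or unlink() is enough to trigger it.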
CVE-2022-34658 – WordPress Download Manager plugin <= 3.2.48 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities
https://notcve.org/view.php?id=CVE-2022-34658
06 Jul 2022 — Multiple authenticated (contributor+) persistent Cross-Site Scripting (XSS) vulnerabilities in the W3 Eden Download Manager plugin <= 3.2.48 for WordPress. The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'title' and 'label' parameters in versions up to, and including, 3.2.48 due to in... • https://patchstack.com/database/vulnerability/download-manager/wordpress-download-manager-plugin-3-2-48-multiple-authenticated-persistent-cross-site-scripting-xss-vulnerabilities • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-2101 – Download Manager <= 3.2.46 - Contributor+ Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2022-2101
21 Jun 2022 — The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `file[files][]` parameter in versions up to, and including, 3.2.46 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with contributor-level permissions and above to inject arbitrary web scripts on the file's page that will execute whenever an administrator accesses the editor area for the injected file page. • https://packetstorm.news/files/id/167573 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
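The four stored XSS entries on this page (CVE-2023-2305, CVE-2022-4476, CVE-2022-34658 and this one) describe the same defect in different fields: a value a contributor can save (a shortcode attribute, a title or label, a file name) is written into markup without escaping for the context it lands in. The following added example is not the plugin's code. It uses a small constructed shortcode grammar, a renderer with and without output escaping, and an oracle that parses the result the way a browser would to tell whether an event handler or script tag actually made it into the DOM. The tag name, attribute names and form markup are constructed.

```python
"""Added example (not Download Manager's code): a minimal shortcode parser,
a renderer that drops attributes into HTML unescaped beside one that
escapes per context, and a DOM-level oracle. Grammar and names are constructed."""
import html
import re
from html.parser import HTMLParser

# Constructed grammar: [tag name="value" name='value' ...]
ATTR_RE = re.compile(r"""(\w+)=(?:"([^"]*)"|'([^']*)')""")
SHORTCODE_RE = re.compile(r"""\[(\w+)((?:\s+\w+=(?:"[^"]*"|'[^']*'))*)\s*\]""")


def _attrs(raw: str) -> dict:
    # findall yields (name, double-quoted value, single-quoted value)
    return {name: dq or sq for name, dq, sq in ATTR_RE.findall(raw)}


def render_login_form_vulnerable(attrs: dict) -> str:
    """Contributor-controlled values interpolated straight into markup."""
    redirect = attrs.get("redirect", "/")
    label = attrs.get("label", "Log in")
    return f'<form action="/login" data-redirect="{redirect}"><button>{label}</button></form>'


def render_login_form_hardened(attrs: dict) -> str:
    """Attribute context: escape quotes too (html.escape's default).
    Text context: escaping <, > and & is what stops a new tag."""
    redirect = html.escape(attrs.get("redirect", "/"), quote=True)
    label = html.escape(attrs.get("label", "Log in"))
    return f'<form action="/login" data-redirect="{redirect}"><button>{label}</button></form>'


def render_page(content: str, renderer) -> str:
    """Replace each supported shortcode in a saved post with its HTML."""
    def sub(m):
        tag, attrs = m.group(1), _attrs(m.group(2))
        return renderer(attrs) if tag == "login_form" else m.group(0)
    return SHORTCODE_RE.sub(sub, content)


class _Audit(HTMLParser):
    """Flags any <script> element or on* attribute that reaches the DOM."""
    def __init__(self):
        super().__init__()
        self.injected = False

    def handle_starttag(self, tag, attrs):
        if tag == "script" or any(n.lower().startswith("on") for n, _ in attrs):
            self.injected = True


def contains_injected_script(rendered: str) -> bool:
    """Oracle: parse the output as a browser would, rather than grepping,
    so an escaped '&quot; onmouseover=' is not mistaken for a live handler."""
    audit = _Audit()
    audit.feed(rendered)
    audit.close()
    return audit.injected


# Constructed post body as a contributor might save it: the single-quoted
# attribute smuggles a double quote to break out of data-redirect, and the
# label carries a tag for the text context.
PAYLOAD = """[login_form redirect='" onmouseover="alert(1)' label="<script>alert(1)</script>"]"""
```

The same two escaping rules apply to stored fields that are not shortcode attributes at all: a title or file name shown in the admin editor is text context or attribute context like anything else, and the oracle above is a cheap regression check to run over rendered admin pages after a fix.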