
CVE-2025-4798 – WP-DownloadManager <= 1.68.10 - Authenticated (Administrator+) Arbitrary File Read
https://notcve.org/view.php?id=CVE-2025-4798
10 Jun 2025 — The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator can select for storing downloads. This makes it possible for authenticated attackers, with Administrator-level access and above, to download and read any file on the server, including system and configuration files.
Reference: https://plugins.trac.wordpress.org/browser/wp-downloadmanager/trunk/download-options.php#L16
CWE-200: Exposure of Sensitive Information to an Unauthorized Actor

CVE-2025-4799 – WP-DownloadManager <= 1.68.10 - Authenticated (Administrator+) Arbitrary File Deletion
https://notcve.org/view.php?id=CVE-2025-4799
10 Jun 2025 — The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on the directory a file can be deleted from in all versions up to, and including, 1.68.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This vulnerability can be paired with CVE-2025-4798 to delete any file...
Reference: https://plugins.trac.wordpress.org/browser/wp-downloadmanager/trunk/download-manager.php#L215
CWE-36: Absolute Path Traversal

CVE-2024-13426 – WP-Polls <= 2.77.2 - Unauthenticated SQL Injection to Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2024-13426
21 Jan 2025 — The WP-Polls plugin for WordPress is vulnerable to SQL Injection via COOKIE in all versions up to, and including, 2.77.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries. Those queries are stored and results are not displayed to the attacker, which means they cannot be exploited to obtain any additional information about ...
Reference: https://github.com/WordPress/wordpress-develop/blob/a82874058f58575dbba64ce09b6dcbd43ccf5fdc/src/wp-includes/default-constants.php#L249
CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2011-10006 – GamerZ WP-PostRatings wp-postratings.php cross site scripting
https://notcve.org/view.php?id=CVE-2011-10006
08 Apr 2024 — A vulnerability was found in GamerZ WP-PostRatings up to 1.64. It has been classified as problematic. This affects an unknown part of the file wp-postratings.php. The manipulation leads to cross-site scripting. It is possible to initiate the attack remotely.
Reference: https://github.com/wp-plugins/wp-postratings/commit/6182a5682b12369ced0becd3b505439ce2eb8132
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2006-0238
https://notcve.org/view.php?id=CVE-2006-0238
18 Jan 2006 — SQL injection vulnerability in wp-stats.php in GaMerZ WP-Stats 2.0 allows remote attackers to execute arbitrary SQL commands via the author parameter.
Reference: http://osvdb.org/ref/22/22450-wpstats.txt