Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    12 vulnerabilities by wp-downloadmanager_project

    CVE-2025-4799 (GCVE-0-2025-4799)

    Vulnerability from nvd – Published: 2025-06-11 03:41 – Updated: 2026-04-08 17:34
    VLAI
    Title
    WP-DownloadManager <= 1.68.10 - Authenticated (Administrator+) Arbitrary File Deletion
    Summary
    The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on the directory a file can be deleted from in all versions up to, and including, 1.68.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This vulnerability can be paired with CVE-2025-4798 to delete any file within the WordPress root directory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-36 - Absolute Path Traversal
    Assigner
    Impacted products
    Vendor Product Version
    gamerz WP-DownloadManager Affected: 0 , ≤ 1.68.10 (semver)
    Create a notification for this product.
    Credits
    Jamshed Yergashvoyev
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4799",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-11T13:23:45.565512Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-11T13:23:50.639Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WP-DownloadManager",
              "vendor": "gamerz",
              "versions": [
                {
                  "lessThanOrEqual": "1.68.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jamshed Yergashvoyev"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on the directory a file can be deleted from in all versions up to, and including, 1.68.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This vulnerability can be paired with CVE-2025-4798 to delete any file within the WordPress root directory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-36",
                  "description": "CWE-36 Absolute Path Traversal",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:34:15.795Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f9d9e485-171f-4e36-943d-397d540e31f4?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/wp-downloadmanager/trunk/download-options.php#L16"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/wp-downloadmanager/trunk/download-options.php#L42"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/wp-downloadmanager/trunk/download-manager.php#L215"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3294467/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-10T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "WP-DownloadManager \u003c= 1.68.10 - Authenticated (Administrator+) Arbitrary File Deletion"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-4799",
        "datePublished": "2025-06-11T03:41:53.029Z",
        "dateReserved": "2025-05-15T19:37:36.032Z",
        "dateUpdated": "2026-04-08T17:34:15.795Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-4798 (GCVE-0-2025-4798)

    Vulnerability from nvd – Published: 2025-06-11 03:41 – Updated: 2026-04-08 16:59
    VLAI
    Title
    WP-DownloadManager <= 1.68.10 - Authenticated (Administrator+) Arbitrary File Read
    Summary
    The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator can select for storing downloads. This makes it possible for authenticated attackers, with Administrator-level access and above, to download and read any file on the server, including system and configuration files.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    gamerz WP-DownloadManager Affected: 0 , ≤ 1.68.10 (semver)
    Create a notification for this product.
    Credits
    Jamshed Yergashvoyev
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4798",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-11T13:24:22.564285Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-11T13:24:30.120Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WP-DownloadManager",
              "vendor": "gamerz",
              "versions": [
                {
                  "lessThanOrEqual": "1.68.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jamshed Yergashvoyev"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator can select for storing downloads. This makes it possible for authenticated attackers, with Administrator-level access and above, to download and read any file on the server, including system and configuration files."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:59:16.878Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6cd166bc-774e-4083-b5f7-bffba1f7c293?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/wp-downloadmanager/trunk/download-options.php#L16"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/wp-downloadmanager/trunk/download-options.php#L42"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3294467/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-10T15:30:37.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "WP-DownloadManager \u003c= 1.68.10 - Authenticated (Administrator+) Arbitrary File Read"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-4798",
        "datePublished": "2025-06-11T03:41:52.636Z",
        "dateReserved": "2025-05-15T18:56:10.692Z",
        "dateUpdated": "2026-04-08T16:59:16.878Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-25606 (GCVE-0-2022-25606)

    Vulnerability from nvd – Published: 2022-03-25 18:02 – Updated: 2026-04-28 16:07
    VLAI
    Title
    WordPress WP-DownloadManager plugin <= 1.68.5 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
    Summary
    Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). Vulnerable parameters &download_path, &download_path_url, &download_page_url, &download_categories.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Lester 'GaMerZ' Chan WP-DownloadManager (WordPress) Affected: <= 1.68.5 , ≤ 1.68.5 (custom)
    Create a notification for this product.
    Date Public
    2022-01-10 00:00
    Credits
    Vulnerability discovered by Ex.Mi (Patchstack).
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:42:50.290Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/wp-downloadmanager/#developers"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-5-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25606",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-20T19:32:36.647020Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-20T20:29:34.538Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WP-DownloadManager (WordPress)",
              "vendor": "Lester \u0027GaMerZ\u0027 Chan",
              "versions": [
                {
                  "lessThanOrEqual": "1.68.5",
                  "status": "affected",
                  "version": "\u003c= 1.68.5",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Vulnerability discovered by Ex.Mi (Patchstack)."
            }
          ],
          "datePublic": "2022-01-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions \u003c= 1.68.6). Vulnerable parameters \u0026download_path, \u0026download_path_url, \u0026download_page_url, \u0026download_categories."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:07:39.107Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://wordpress.org/plugins/wp-downloadmanager/#developers"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-5-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Update to 1.68.6 or higher version."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "WordPress WP-DownloadManager plugin \u003c= 1.68.5 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "audit@patchstack.com",
              "DATE_PUBLIC": "2022-01-10T13:42:00.000Z",
              "ID": "CVE-2022-25606",
              "STATE": "PUBLIC",
              "TITLE": "WordPress WP-DownloadManager plugin \u003c= 1.68.5 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WP-DownloadManager (WordPress)",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "\u003c= 1.68.5",
                                "version_value": "1.68.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Lester \u0027GaMerZ\u0027 Chan"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Vulnerability discovered by Ex.Mi (Patchstack)."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions \u003c= 1.68.6). Vulnerable parameters \u0026download_path, \u0026download_path_url, \u0026download_page_url, \u0026download_categories."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wordpress.org/plugins/wp-downloadmanager/#developers",
                  "refsource": "CONFIRM",
                  "url": "https://wordpress.org/plugins/wp-downloadmanager/#developers"
                },
                {
                  "name": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-5-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities",
                  "refsource": "CONFIRM",
                  "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-5-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Update to 1.68.6 or higher version."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2022-25606",
        "datePublished": "2022-03-25T18:02:32.949Z",
        "dateReserved": "2022-02-21T00:00:00.000Z",
        "dateUpdated": "2026-04-28T16:07:39.107Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-25605 (GCVE-0-2022-25605)

    Vulnerability from nvd – Published: 2022-03-18 18:00 – Updated: 2026-04-28 16:07
    VLAI
    Title
    WordPress WP-DownloadManager plugin <= 1.68.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
    Summary
    Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). Vvulnerable parameters &download_path, &download_path_url, &download_page_url.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Lester 'GaMerZ' Chan WP-DownloadManager (WordPress) Affected: <= 1.68.6 , ≤ 1.68.6 (custom)
    Create a notification for this product.
    Date Public
    2022-01-12 00:00
    Credits
    Vulnerability discovered by Ex.Mi (Patchstack).
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:42:49.984Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/wp-downloadmanager/#developers"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-6-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25605",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-20T19:32:48.830485Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-20T20:30:10.178Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WP-DownloadManager (WordPress)",
              "vendor": "Lester \u0027GaMerZ\u0027 Chan",
              "versions": [
                {
                  "lessThanOrEqual": "1.68.6",
                  "status": "affected",
                  "version": "\u003c= 1.68.6",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Vulnerability discovered by Ex.Mi (Patchstack)."
            }
          ],
          "datePublic": "2022-01-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions \u003c= 1.68.6). Vvulnerable parameters \u0026download_path, \u0026download_path_url, \u0026download_page_url."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:07:39.102Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://wordpress.org/plugins/wp-downloadmanager/#developers"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-6-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Update to 1.68.7 or higher version."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "WordPress WP-DownloadManager plugin \u003c= 1.68.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "audit@patchstack.com",
              "DATE_PUBLIC": "2022-01-12T13:42:00.000Z",
              "ID": "CVE-2022-25605",
              "STATE": "PUBLIC",
              "TITLE": "WordPress WP-DownloadManager plugin \u003c= 1.68.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WP-DownloadManager (WordPress)",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "\u003c= 1.68.6",
                                "version_value": "1.68.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Lester \u0027GaMerZ\u0027 Chan"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Vulnerability discovered by Ex.Mi (Patchstack)."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions \u003c= 1.68.6). Vvulnerable parameters \u0026download_path, \u0026download_path_url, \u0026download_page_url."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wordpress.org/plugins/wp-downloadmanager/#developers",
                  "refsource": "CONFIRM",
                  "url": "https://wordpress.org/plugins/wp-downloadmanager/#developers"
                },
                {
                  "name": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-6-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities",
                  "refsource": "CONFIRM",
                  "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-6-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Update to 1.68.7 or higher version."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2022-25605",
        "datePublished": "2022-03-18T18:00:27.446Z",
        "dateReserved": "2022-02-21T00:00:00.000Z",
        "dateUpdated": "2026-04-28T16:07:39.102Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2021-44760 (GCVE-0-2021-44760)

    Vulnerability from nvd – Published: 2022-03-18 18:00 – Updated: 2026-04-28 16:07
    VLAI
    Title
    WordPress WP-DownloadManager plugin <= 1.68.6 - Auth. Reflected Cross-Site Scripting (XSS) vulnerability
    Summary
    Auth. (admin+) Reflected Cross-Site Scripting (XSS) vulnerability discovered in WP-DownloadManager plugin <= 1.68.6 versions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    References
    Impacted products
    Date Public
    2021-12-27 22:00
    Credits
    thiennv (Patchstack Alliance)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:32:13.389Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-6-authenticated-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-44760",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:06:57.548295Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-23T18:45:55.812Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "wp-downloadmanager",
              "product": "WP-DownloadManager (WordPress plugin)",
              "vendor": "Lester \u0027GaMerZ\u0027 Chan",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "1.68.7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "1.68.6",
                  "status": "affected",
                  "version": "n/a",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "thiennv (Patchstack Alliance)"
            }
          ],
          "datePublic": "2021-12-27T22:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAuth. (admin+) Reflected Cross-Site Scripting (XSS) vulnerability discovered in WP-DownloadManager plugin \u003c= 1.68.6 versions.\u003c/p\u003e"
                }
              ],
              "value": "Auth. (admin+) Reflected Cross-Site Scripting (XSS) vulnerability discovered in WP-DownloadManager plugin \u003c= 1.68.6 versions."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-591",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-591 Reflected XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:07:38.236Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-6-authenticated-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUpdate to 1.68.7 or higher version.\u003c/p\u003e"
                }
              ],
              "value": "Update to 1.68.7 or higher version."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "WordPress WP-DownloadManager plugin \u003c= 1.68.6 - Auth. Reflected Cross-Site Scripting (XSS) vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "audit@patchstack.com",
              "DATE_PUBLIC": "2021-12-28T08:23:00.000Z",
              "ID": "CVE-2021-44760",
              "STATE": "PUBLIC",
              "TITLE": "WordPress WP-DownloadManager plugin \u003c= 1.68.6 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WP-DownloadManager (WordPress plugin)",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "\u003c= 1.68.6",
                                "version_value": "1.68.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Lester \u0027GaMerZ\u0027 Chan"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Vulnerability discovered by Ngo Van Thien (Patchstack Red Team project)."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Authenticated Reflected Cross-Site Scripting (XSS) vulnerability discovered in WP-DownloadManager WordPress plugin (versions \u003c= 1.68.6)."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wordpress.org/plugins/wp-downloadmanager/#developers",
                  "refsource": "CONFIRM",
                  "url": "https://wordpress.org/plugins/wp-downloadmanager/#developers"
                },
                {
                  "name": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-6-authenticated-reflected-cross-site-scripting-xss-vulnerability",
                  "refsource": "CONFIRM",
                  "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-6-authenticated-reflected-cross-site-scripting-xss-vulnerability"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Update to 1.68.7 or higher version."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2021-44760",
        "datePublished": "2022-03-18T18:00:23.573Z",
        "dateReserved": "2022-01-13T00:00:00.000Z",
        "dateUpdated": "2026-04-28T16:07:38.236Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2020-24141 (GCVE-0-2020-24141)

    Vulnerability from nvd – Published: 2021-07-07 13:34 – Updated: 2024-08-04 15:05
    VLAI
    Summary
    Server-side request forgery in the WP-DownloadManager plugin 1.68.4 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the file_remote parameter to download-add.php. It can help identify open ports, local network hosts and execute command on services
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T15:05:11.916Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24141.md"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Server-side request forgery in the WP-DownloadManager plugin 1.68.4 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the file_remote parameter to download-add.php. It can help identify open ports, local network hosts and execute command on services"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-07-07T13:34:10.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24141.md"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-24141",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Server-side request forgery in the WP-DownloadManager plugin 1.68.4 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the file_remote parameter to download-add.php. It can help identify open ports, local network hosts and execute command on services"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24141.md",
                  "refsource": "MISC",
                  "url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24141.md"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-24141",
        "datePublished": "2021-07-07T13:34:10.000Z",
        "dateReserved": "2020-08-13T00:00:00.000Z",
        "dateUpdated": "2024-08-04T15:05:11.916Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-4799 (GCVE-0-2025-4799)

    Vulnerability from cvelistv5 – Published: 2025-06-11 03:41 – Updated: 2026-04-08 17:34
    VLAI
    Title
    WP-DownloadManager <= 1.68.10 - Authenticated (Administrator+) Arbitrary File Deletion
    Summary
    The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on the directory a file can be deleted from in all versions up to, and including, 1.68.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This vulnerability can be paired with CVE-2025-4798 to delete any file within the WordPress root directory.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-36 - Absolute Path Traversal
    Assigner
    Impacted products
    Vendor Product Version
    gamerz WP-DownloadManager Affected: 0 , ≤ 1.68.10 (semver)
    Create a notification for this product.
    Credits
    Jamshed Yergashvoyev
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4799",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-11T13:23:45.565512Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-11T13:23:50.639Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WP-DownloadManager",
              "vendor": "gamerz",
              "versions": [
                {
                  "lessThanOrEqual": "1.68.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jamshed Yergashvoyev"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on the directory a file can be deleted from in all versions up to, and including, 1.68.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This vulnerability can be paired with CVE-2025-4798 to delete any file within the WordPress root directory."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 7.2,
                "baseSeverity": "HIGH",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-36",
                  "description": "CWE-36 Absolute Path Traversal",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T17:34:15.795Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f9d9e485-171f-4e36-943d-397d540e31f4?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/wp-downloadmanager/trunk/download-options.php#L16"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/wp-downloadmanager/trunk/download-options.php#L42"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/wp-downloadmanager/trunk/download-manager.php#L215"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3294467/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-10T00:00:00.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "WP-DownloadManager \u003c= 1.68.10 - Authenticated (Administrator+) Arbitrary File Deletion"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-4799",
        "datePublished": "2025-06-11T03:41:53.029Z",
        "dateReserved": "2025-05-15T19:37:36.032Z",
        "dateUpdated": "2026-04-08T17:34:15.795Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2025-4798 (GCVE-0-2025-4798)

    Vulnerability from cvelistv5 – Published: 2025-06-11 03:41 – Updated: 2026-04-08 16:59
    VLAI
    Title
    WP-DownloadManager <= 1.68.10 - Authenticated (Administrator+) Arbitrary File Read
    Summary
    The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator can select for storing downloads. This makes it possible for authenticated attackers, with Administrator-level access and above, to download and read any file on the server, including system and configuration files.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
    Assigner
    Impacted products
    Vendor Product Version
    gamerz WP-DownloadManager Affected: 0 , ≤ 1.68.10 (semver)
    Create a notification for this product.
    Credits
    Jamshed Yergashvoyev
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-4798",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-06-11T13:24:22.564285Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-06-11T13:24:30.120Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "product": "WP-DownloadManager",
              "vendor": "gamerz",
              "versions": [
                {
                  "lessThanOrEqual": "1.68.10",
                  "status": "affected",
                  "version": "0",
                  "versionType": "semver"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Jamshed Yergashvoyev"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator can select for storing downloads. This makes it possible for authenticated attackers, with Administrator-level access and above, to download and read any file on the server, including system and configuration files."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "baseScore": 4.9,
                "baseSeverity": "MEDIUM",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-08T16:59:16.878Z",
            "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
            "shortName": "Wordfence"
          },
          "references": [
            {
              "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/6cd166bc-774e-4083-b5f7-bffba1f7c293?source=cve"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/wp-downloadmanager/trunk/download-options.php#L16"
            },
            {
              "url": "https://plugins.trac.wordpress.org/browser/wp-downloadmanager/trunk/download-options.php#L42"
            },
            {
              "url": "https://plugins.trac.wordpress.org/changeset/3294467/"
            }
          ],
          "timeline": [
            {
              "lang": "en",
              "time": "2025-06-10T15:30:37.000Z",
              "value": "Disclosed"
            }
          ],
          "title": "WP-DownloadManager \u003c= 1.68.10 - Authenticated (Administrator+) Arbitrary File Read"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "assignerShortName": "Wordfence",
        "cveId": "CVE-2025-4798",
        "datePublished": "2025-06-11T03:41:52.636Z",
        "dateReserved": "2025-05-15T18:56:10.692Z",
        "dateUpdated": "2026-04-08T16:59:16.878Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-25606 (GCVE-0-2022-25606)

    Vulnerability from cvelistv5 – Published: 2022-03-25 18:02 – Updated: 2026-04-28 16:07
    VLAI
    Title
    WordPress WP-DownloadManager plugin <= 1.68.5 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
    Summary
    Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). Vulnerable parameters &download_path, &download_path_url, &download_page_url, &download_categories.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Lester 'GaMerZ' Chan WP-DownloadManager (WordPress) Affected: <= 1.68.5 , ≤ 1.68.5 (custom)
    Create a notification for this product.
    Date Public
    2022-01-10 00:00
    Credits
    Vulnerability discovered by Ex.Mi (Patchstack).
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:42:50.290Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/wp-downloadmanager/#developers"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-5-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25606",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-20T19:32:36.647020Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-20T20:29:34.538Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WP-DownloadManager (WordPress)",
              "vendor": "Lester \u0027GaMerZ\u0027 Chan",
              "versions": [
                {
                  "lessThanOrEqual": "1.68.5",
                  "status": "affected",
                  "version": "\u003c= 1.68.5",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Vulnerability discovered by Ex.Mi (Patchstack)."
            }
          ],
          "datePublic": "2022-01-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions \u003c= 1.68.6). Vulnerable parameters \u0026download_path, \u0026download_path_url, \u0026download_page_url, \u0026download_categories."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:07:39.107Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://wordpress.org/plugins/wp-downloadmanager/#developers"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-5-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Update to 1.68.6 or higher version."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "WordPress WP-DownloadManager plugin \u003c= 1.68.5 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "audit@patchstack.com",
              "DATE_PUBLIC": "2022-01-10T13:42:00.000Z",
              "ID": "CVE-2022-25606",
              "STATE": "PUBLIC",
              "TITLE": "WordPress WP-DownloadManager plugin \u003c= 1.68.5 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WP-DownloadManager (WordPress)",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "\u003c= 1.68.5",
                                "version_value": "1.68.5"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Lester \u0027GaMerZ\u0027 Chan"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Vulnerability discovered by Ex.Mi (Patchstack)."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions \u003c= 1.68.6). Vulnerable parameters \u0026download_path, \u0026download_path_url, \u0026download_page_url, \u0026download_categories."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wordpress.org/plugins/wp-downloadmanager/#developers",
                  "refsource": "CONFIRM",
                  "url": "https://wordpress.org/plugins/wp-downloadmanager/#developers"
                },
                {
                  "name": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-5-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities",
                  "refsource": "CONFIRM",
                  "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-5-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Update to 1.68.6 or higher version."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2022-25606",
        "datePublished": "2022-03-25T18:02:32.949Z",
        "dateReserved": "2022-02-21T00:00:00.000Z",
        "dateUpdated": "2026-04-28T16:07:39.107Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2022-25605 (GCVE-0-2022-25605)

    Vulnerability from cvelistv5 – Published: 2022-03-18 18:00 – Updated: 2026-04-28 16:07
    VLAI
    Title
    WordPress WP-DownloadManager plugin <= 1.68.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
    Summary
    Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). Vvulnerable parameters &download_path, &download_path_url, &download_page_url.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    References
    Impacted products
    Vendor Product Version
    Lester 'GaMerZ' Chan WP-DownloadManager (WordPress) Affected: <= 1.68.6 , ≤ 1.68.6 (custom)
    Create a notification for this product.
    Date Public
    2022-01-12 00:00
    Credits
    Vulnerability discovered by Ex.Mi (Patchstack).
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T04:42:49.984Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://wordpress.org/plugins/wp-downloadmanager/#developers"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-6-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2022-25605",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-02-20T19:32:48.830485Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-02-20T20:30:10.178Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WP-DownloadManager (WordPress)",
              "vendor": "Lester \u0027GaMerZ\u0027 Chan",
              "versions": [
                {
                  "lessThanOrEqual": "1.68.6",
                  "status": "affected",
                  "version": "\u003c= 1.68.6",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Vulnerability discovered by Ex.Mi (Patchstack)."
            }
          ],
          "datePublic": "2022-01-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions \u003c= 1.68.6). Vvulnerable parameters \u0026download_path, \u0026download_path_url, \u0026download_page_url."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:07:39.102Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://wordpress.org/plugins/wp-downloadmanager/#developers"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-6-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "value": "Update to 1.68.7 or higher version."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "WordPress WP-DownloadManager plugin \u003c= 1.68.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "audit@patchstack.com",
              "DATE_PUBLIC": "2022-01-12T13:42:00.000Z",
              "ID": "CVE-2022-25605",
              "STATE": "PUBLIC",
              "TITLE": "WordPress WP-DownloadManager plugin \u003c= 1.68.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WP-DownloadManager (WordPress)",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "\u003c= 1.68.6",
                                "version_value": "1.68.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Lester \u0027GaMerZ\u0027 Chan"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Vulnerability discovered by Ex.Mi (Patchstack)."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions \u003c= 1.68.6). Vvulnerable parameters \u0026download_path, \u0026download_path_url, \u0026download_page_url."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wordpress.org/plugins/wp-downloadmanager/#developers",
                  "refsource": "CONFIRM",
                  "url": "https://wordpress.org/plugins/wp-downloadmanager/#developers"
                },
                {
                  "name": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-6-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities",
                  "refsource": "CONFIRM",
                  "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-6-multiple-authenticated-stored-cross-site-scripting-xss-vulnerabilities"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Update to 1.68.7 or higher version."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2022-25605",
        "datePublished": "2022-03-18T18:00:27.446Z",
        "dateReserved": "2022-02-21T00:00:00.000Z",
        "dateUpdated": "2026-04-28T16:07:39.102Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2021-44760 (GCVE-0-2021-44760)

    Vulnerability from cvelistv5 – Published: 2022-03-18 18:00 – Updated: 2026-04-28 16:07
    VLAI
    Title
    WordPress WP-DownloadManager plugin <= 1.68.6 - Auth. Reflected Cross-Site Scripting (XSS) vulnerability
    Summary
    Auth. (admin+) Reflected Cross-Site Scripting (XSS) vulnerability discovered in WP-DownloadManager plugin <= 1.68.6 versions.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Cross-site Scripting (XSS)
    Assigner
    References
    Impacted products
    Date Public
    2021-12-27 22:00
    Credits
    thiennv (Patchstack Alliance)
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:32:13.389Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "vdb-entry",
                  "x_transferred"
                ],
                "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-6-authenticated-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2021-44760",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-04-23T13:06:57.548295Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-04-23T18:45:55.812Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "collectionURL": "https://wordpress.org/plugins",
              "defaultStatus": "unaffected",
              "packageName": "wp-downloadmanager",
              "product": "WP-DownloadManager (WordPress plugin)",
              "vendor": "Lester \u0027GaMerZ\u0027 Chan",
              "versions": [
                {
                  "changes": [
                    {
                      "at": "1.68.7",
                      "status": "unaffected"
                    }
                  ],
                  "lessThanOrEqual": "1.68.6",
                  "status": "affected",
                  "version": "n/a",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "user": "00000000-0000-4000-9000-000000000000",
              "value": "thiennv (Patchstack Alliance)"
            }
          ],
          "datePublic": "2021-12-27T22:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eAuth. (admin+) Reflected Cross-Site Scripting (XSS) vulnerability discovered in WP-DownloadManager plugin \u003c= 1.68.6 versions.\u003c/p\u003e"
                }
              ],
              "value": "Auth. (admin+) Reflected Cross-Site Scripting (XSS) vulnerability discovered in WP-DownloadManager plugin \u003c= 1.68.6 versions."
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-591",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-591 Reflected XSS"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79 Cross-site Scripting (XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-04-28T16:07:38.236Z",
            "orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
            "shortName": "Patchstack"
          },
          "references": [
            {
              "tags": [
                "vdb-entry"
              ],
              "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-6-authenticated-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve"
            }
          ],
          "solutions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003eUpdate to 1.68.7 or higher version.\u003c/p\u003e"
                }
              ],
              "value": "Update to 1.68.7 or higher version."
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "WordPress WP-DownloadManager plugin \u003c= 1.68.6 - Auth. Reflected Cross-Site Scripting (XSS) vulnerability",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "audit@patchstack.com",
              "DATE_PUBLIC": "2021-12-28T08:23:00.000Z",
              "ID": "CVE-2021-44760",
              "STATE": "PUBLIC",
              "TITLE": "WordPress WP-DownloadManager plugin \u003c= 1.68.6 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WP-DownloadManager (WordPress plugin)",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "\u003c= 1.68.6",
                                "version_value": "1.68.6"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Lester \u0027GaMerZ\u0027 Chan"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Vulnerability discovered by Ngo Van Thien (Patchstack Red Team project)."
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Authenticated Reflected Cross-Site Scripting (XSS) vulnerability discovered in WP-DownloadManager WordPress plugin (versions \u003c= 1.68.6)."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.8,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "HIGH",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-79 Cross-site Scripting (XSS)"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://wordpress.org/plugins/wp-downloadmanager/#developers",
                  "refsource": "CONFIRM",
                  "url": "https://wordpress.org/plugins/wp-downloadmanager/#developers"
                },
                {
                  "name": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-6-authenticated-reflected-cross-site-scripting-xss-vulnerability",
                  "refsource": "CONFIRM",
                  "url": "https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-6-authenticated-reflected-cross-site-scripting-xss-vulnerability"
                }
              ]
            },
            "solution": [
              {
                "lang": "en",
                "value": "Update to 1.68.7 or higher version."
              }
            ],
            "source": {
              "discovery": "EXTERNAL"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
        "assignerShortName": "Patchstack",
        "cveId": "CVE-2021-44760",
        "datePublished": "2022-03-18T18:00:23.573Z",
        "dateReserved": "2022-01-13T00:00:00.000Z",
        "dateUpdated": "2026-04-28T16:07:38.236Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2020-24141 (GCVE-0-2020-24141)

    Vulnerability from cvelistv5 – Published: 2021-07-07 13:34 – Updated: 2024-08-04 15:05
    VLAI
    Summary
    Server-side request forgery in the WP-DownloadManager plugin 1.68.4 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the file_remote parameter to download-add.php. It can help identify open ports, local network hosts and execute command on services
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T15:05:11.916Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24141.md"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Server-side request forgery in the WP-DownloadManager plugin 1.68.4 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the file_remote parameter to download-add.php. It can help identify open ports, local network hosts and execute command on services"
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-07-07T13:34:10.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24141.md"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2020-24141",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Server-side request forgery in the WP-DownloadManager plugin 1.68.4 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the file_remote parameter to download-add.php. It can help identify open ports, local network hosts and execute command on services"
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24141.md",
                  "refsource": "MISC",
                  "url": "https://github.com/secwx/research/blob/main/cve/CVE-2020-24141.md"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2020-24141",
        "datePublished": "2021-07-07T13:34:10.000Z",
        "dateReserved": "2020-08-13T00:00:00.000Z",
        "dateUpdated": "2024-08-04T15:05:11.916Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }