Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

codename065 vulnerabilities and exploits

(subscribe to this query)
5.4
CVSSv3

CVE-2025-1785

The Download Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 3.3.08 via the 'wpdm_newfile' action. This makes it possible for authenticated attackers, with Author-level access and above, to overwrite select file ty...
Codename065 Download Manager
7.3
CVSSv3

CVE-2024-11740

The The Download Manager plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.3.03. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This mak...
Codename065 Download Manager
5.3
CVSSv3

CVE-2024-11768

The Download Manager plugin for WordPress is vulnerable to unauthorized download of password-protected content due to improper password validation on the checkFilePassword function in all versions up to, and including, 3.3.03. This makes it possible for unauthenticated malicious ...
Codename065 Download Manager
5.4
CVSSv3

CVE-2023-2305

The Download Manager plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wpdm_members', 'wpdm_login_form', 'wpdm_reg_form' shortcodes in versions up to, and including, 3.2.70 due to insufficient input sanitization and output es...
Codename065 Download ManagerWpdownloadmanager Wordpress Download Manager
6.5
CVSSv3

CVE-2023-4293

The Premium Packages - Sell Digital Products Securely plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 5.7.4 due to insufficient restriction on the 'wpdmpp_update_profile' function. This makes it possible for authenticated att...
Codename065 Premium Packages – Sell Digital Products SecurelyWpdownloadmanager Premium Packages - Sell Digital Products Securely
6.5
CVSSv3

CVE-2024-33938

Missing Authorization vulnerability in codename065 Sliding Widgets allows Cross-Site Scripting (XSS).This issue affects Sliding Widgets: from n/a up to and including 1.5.0.
Preferred Score:
CVSSv2
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
CVE-2025-39551hard-codedtype confusionmarkus drubbaCVE-2025-24054broken links removerCVE-2025-39567anthologizeCVE-2025-31201CVE-2025-29454file uploadCVE-2025-39558momen2009
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook