Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
download plugin vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2021-24703
The Download Plugin WordPress plugin prior to 1.6.1 does not have capability and CSRF checks in the dpwap_plugin_activate AJAX action, allowing any authenticated users, such as subscribers, to activate plugins that are already installed.
Metagauss Download Plugin
NA
CVE-2021-25059
The Download Plugin WordPress plugin prior to 2.0.0 does not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site (such as subscriber) to download a full copy of the website.
Metagauss Download Plugin
NA
CVE-2022-36345
Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Download Plugin <= 2.0.4 versions.
Metagauss Download Plugin
7.5
CVSSv2
CVE-2008-2034
SQL injection vulnerability in wp-download_monitor/download.php in the Download Monitor 2.0.6 plugin for WordPress allows remote malicious users to execute arbitrary SQL commands via the id parameter. NOTE: the provenance of this information is unknown; the details are obtained s...
Wordpress Download Monitor Plugin 2.0.6
NA
CVE-2023-4838
The Simple Download Counter plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in versions up to, and including, 1.6 due to insufficient input sanitization and output escaping on user supplied attributes like 'before' and ...
Plugin-planet Simple Download Counter
4.3
CVSSv2
CVE-2013-7319
Cross-site scripting (XSS) vulnerability in the Download Manager plugin prior to 2.5.9 for WordPress allows remote malicious users to inject arbitrary web script or HTML via the title field.
Wpdownloadmanager Wordpress Download Manager 2.5.2
Wpdownloadmanager Wordpress Download Manager 2.5.3
Wpdownloadmanager Wordpress Download Manager 2.5.6
Wpdownloadmanager Wordpress Download Manager 2.5.7
Wpdownloadmanager Wordpress Download Manager 2.5.4
Wpdownloadmanager Wordpress Download Manager 2.5.5
Wpdownloadmanager Wordpress Download Manager 2.5.0
Wpdownloadmanager Wordpress Download Manager 2.5.1
Wpdownloadmanager Wordpress Download Manager
1 EDB exploit
5
CVSSv2
CVE-2014-5465
Directory traversal vulnerability in force-download.php in the Download Shortcode plugin 0.2.3 and previous versions for WordPress allows remote malicious users to read arbitrary files via a .. (dot dot) in the file parameter.
Werdswords Download Shortcode 0.2
Werdswords Download Shortcode 0.1
Werdswords Download Shortcode
Werdswords Download Shortcode 0.2.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-1646
SQL injection vulnerability in wp-download.php in the WP-Download 1.2 plugin for WordPress allows remote malicious users to execute arbitrary SQL commands via the dl_id parameter.
Arnos Toolbox Wp-download 1.2
Wordpress Wp Download 1.2
1 EDB exploit
9.3
CVSSv2
CVE-2009-2386
Insecure method vulnerability in Awingsoft Awakening Winds3D Viewer plugin 3.5.0.0, 3.0.0.5, and possibly other versions allows remote malicious users to force the download and execution of arbitrary files via the GetURL method.
Awingsoft Awakening Winds3d Viewer Plugin 3.5.0.0
Awingsoft Awakening Winds3d Viewer Plugin 3.0.0.5
1 EDB exploit
10
CVSSv2
CVE-2014-8877
The alterSearchQuery function in lib/controllers/CmdownloadController.php in the CreativeMinds CM Downloads Manager plugin prior to 2.0.4 for WordPress allows remote malicious users to execute arbitrary PHP code via the CMDsearch parameter to cmdownloads/, which is processed by t...
Creative Minds Cm Download Manager
Creative Minds Cm Download Manager 2.0.2
Creative Minds Cm Download Manager 2.0.1
Creative Minds Cm Download Manager 2.0.0
1 EDB exploit
2 Nmap scripts
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »