Vulnerabilities and security researches forwp-downloadmanager wp-downloadmanager

Jun 06, 2024

CVE, Research URL: CVE-2021-44760
Home page URL: Security reports for WP-DownloadManager
Application: WP-DownloadManager
Date: Mar 18, 2022
Research Description: Auth. (admin+) Reflected Cross-Site Scripting (XSS) vulnerability discovered in WP-DownloadManager plugin <= 1.68.6 versions.
Affected versions: max 1.68.7.
Status: vulnerable

CVE, Research URL: CVE-2013-2697
Home page URL: Security reports for WP-DownloadManager
Application: WP-DownloadManager
Date: Apr 19, 2013
Research Description: Cross-site request forgery (CSRF) vulnerability in the WP-DownloadManager plugin before 1.61 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
Affected versions: max 1.61.
Status: vulnerable

CVE, Research URL: CVE-2022-25606
Home page URL: Security reports for WP-DownloadManager
Application: WP-DownloadManager
Date: Mar 26, 2022
Research Description: Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). Vulnerable parameters &download_path, &download_path_url, &download_page_url, &download_categories.
Affected versions: max 1.68.7.
Status: vulnerable

CVE, Research URL: CVE-2020-24141
Home page URL: Security reports for WP-DownloadManager
Application: WP-DownloadManager
Date: Jul 07, 2021
Research Description: Server-side request forgery in the WP-DownloadManager plugin 1.68.4 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the file_remote parameter to download-add.php. It can help identify open ports, local network hosts and execute command on services
Affected versions: max 1.68.6.
Status: vulnerable

CVE, Research URL: CVE-2022-25605
Home page URL: Security reports for WP-DownloadManager
Application: WP-DownloadManager
Date: Mar 18, 2022
Research Description: Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). Vvulnerable parameters &download_path, &download_path_url, &download_page_url.
Affected versions: max 1.68.7.
Status: vulnerable

Oct 01, 2024

CVE, Research URL: CVE-2024-47341
Home page URL: Security reports for WP-DownloadManager
Application: WP-DownloadManager
Date: Oct 06, 2024
Research Description: Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Lester ‘GaMerZ’ Chan WP-DownloadManager allows Reflected XSS.This issue affects WP-DownloadManager: from n/a through 1.68.8.
Affected versions: max 1.68.9.
Status: vulnerable

Jun 15, 2025

CVE, Research URL: CVE-2025-4799
Home page URL: Security reports for WP-DownloadManager
Application: WP-DownloadManager
Date: Jun 11, 2025
Research Description: The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on the directory a file can be deleted from in all versions up to, and including, 1.68.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This vulnerability can be paired with CVE-2025-4798 to delete any file within the WordPress root directory.
Affected versions: max 1.68.11.
Status: vulnerable

CVE, Research URL: CVE-2025-4798
Home page URL: Security reports for WP-DownloadManager
Application: WP-DownloadManager
Date: Jun 11, 2025
Research Description: The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file read in all versions up to, and including, 1.68.10. This is due to a lack of restriction on the directory an administrator can select for storing downloads. This makes it possible for authenticated attackers, with Administrator-level access and above, to download and read any file on the server, including system and configuration files.
Affected versions: max 1.68.11.
Status: vulnerable

Nov 11, 2025

CVE, Research URL: CVE-2025-10747
Home page URL: Security reports for WP-DownloadManager
Application: WP-DownloadManager
Date: Sep 26, 2025
Research Description: The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the download-add.php file in all versions up to, and including, 1.68.11. This makes it possible for authenticated attackers, with Administrator-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.
Affected versions: max 1.69.
Status: vulnerable

Apr 15, 2026

CVE, Research URL: CVE-2026-2419
Home page URL: Security reports for WP-DownloadManager
Application: WP-DownloadManager
Date: Feb 18, 2026
Research Description: The WP-DownloadManager plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.69 via the 'download_path' configuration parameter. This is due to insufficient validation of the download path setting, which allows directory traversal sequences to bypass the WP_CONTENT_DIR prefix check. This makes it possible for authenticated attackers, with Administrator-level access and above, to configure the plugin to list and access arbitrary files on the server by exploiting the file browser functionality.
Affected versions: max 1.69.1.
Status: vulnerable

CVE, Research URL: CVE-2026-2426
Home page URL: Security reports for WP-DownloadManager
Application: WP-DownloadManager
Date: Feb 18, 2026
Research Description: The WP-DownloadManager plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.69 via the 'file' parameter in the file deletion functionality. This is due to insufficient validation of user-supplied file paths, allowing directory traversal sequences. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can lead to remote code execution when critical files like wp-config.php are deleted.
Affected versions: max 1.69.1.
Status: vulnerable