cleantalk
Vulnerabilities and Security Researches

Download Plugins and Themes from Dashboard, CVE-2024-35162

CVE, Research URL

CVE-2024-35162

Home page URL

Security reports for Download Plugins and Themes from Dashboard

Application

Download Plugins and Themes from Dashboard

Published on
May 22, 2024
Research Description
Path traversal vulnerability exists in Download Plugins and Themes from Dashboard versions prior to 1.8.6. If this vulnerability is exploited, a remote authenticated attacker with "switch_themes" privilege may obtain arbitrary files on the server.
Affected versions
max 1.8.6.
Status
vulnerable
Previous vulnerability researches
Download Plugins and Themes from Dashboard (CVE-2024-9232) , Oct 12, 2024
Download Plugins and Themes from Dashboard (CVE-2019-17239) , Jun 07, 2024
Download Plugins and Themes from Dashboard (CVE-2024-35162) , Jun 07, 2024
Download Plugins and Themes from Dashboard (CVE-2025-14399) , Jan 10, 2026
Download Plugins and Themes from Dashboard (CVE-2024-7501) , Aug 17, 2024
New vulnerability
Pure WC Variation Swatches (CVE-2025-12820) , Jan 11, 2026
WP Scraper (CVE-2025-62088) , Jan 11, 2026
Chat Widget: Customer Support Button with SMS Call Button, Click to Chat Messenger Live Chat Support Chat Button – Bit As (CVE-2025-68596) , Jan 11, 2026
Free Follow-Up Emails & Marketing Automation for WooCommerce – ShopMagic (CVE-2025-69093) , Jan 11, 2026
SALESmanago (CVE-2025-68571) , Jan 11, 2026