Multiple Vulnerabilities Patched in WordPress Download Manager

Posted on

The WordFence team found two separate vulnerabilities, including a sensitive information disclosure as well as a file upload vulnerability which could have resulted in Remote Code Execution in some configurations.

A patched version of the WP Download Manager plugin was released within days of disclosure.

Original article: https://www.wordfence.com/blog/2021/07/wordpress-download-manager-vulnerabilities/

Posted in Vulnerability.

Related Posts

  1. Multiple Flaws Found in Ninja Forms Plugin Leave 800,000 Sites Vulnerable

    August 2, 2023

  2. “Never Assume Anything” – Unauthenticated Stored Cross-Site Scripting Vulnerability Exposed in 14 Email Logging Plugins

    July 20, 2023

  3. Massive Targeted Exploit Campaign Against WooCommerce Payments Underway

    July 18, 2023