A plugin called Download Manager for WordPress has a security issue in versions up to 3.3.24. This is because it doesn’t properly check for a special code to prevent fake requests. It could allow someone who isn’t logged in to the site to do something they’re not supposed to do, if they can trick the person in charge into clicking on a link.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
