The WordPress Download Manager plugin for WordPress has a security issue which affects versions before 3.1.19. This issue allows users with Author-level privileges or higher to upload files to the affected site’s server with dangerous extensions such as .php4. This could potentially lead to remote code execution.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
