Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now
Associated Vulnerability
Clear Filters
Found 33 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-4057 Download Manager <= 3.3.51 - Missing Authorization to Authenticated (Contributor+) Media File Protection Removal codename065Download Manager Medium 4.3 2026-04-10 01:24:59 Deep Dive
CVE-2026-5357 Download Manager <= 3.3.52 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes codename065Download Manager Medium 6.4 2026-04-09 02:25:06 Deep Dive
CVE-2026-2571 Download Manager <= 3.3.49 - Missing Authorization to Authenticated (Subscriber+) User Email Enumeration via 'user' Parameter codename065Download Manager Medium 4.3 2026-03-19 06:46:15 Deep Dive
CVE-2026-1666 Download Manager <= 3.3.46 - Reflected Cross-Site Scripting via 'redirect_to' Parameter codename065Download Manager Medium 6.1 2026-02-18 06:42:41 Deep Dive
CVE-2025-15364 Download Manager <= 3.3.40 - Unauthenticated Limited Privilege Escalation via updatePassword codename065Download Manager High 7.3 2026-01-06 01:50:13 Deep Dive
CVE-2025-13498 Download Manager <= 3.3.32 - Missing Authorization to Authenticated (Subscriber+) Media Attachment Password Disclosure codename065Download Manager Medium 4.3 2025-12-18 07:20:46 Deep Dive
CVE-2025-12177 Download Manager <= 3.3.30 - Unauthenticated Cron Trigger due to Hardcoded Cron Key codename065Download Manager Medium 5.3 2025-11-08 03:27:46 Deep Dive
CVE-2025-10146 Download Manager <= 3.3.23 - Reflected Cross-Site Scripting via `user_ids` Parameter codename065Download Manager Medium 6.1 2025-09-19 04:27:04 Deep Dive
CVE-2025-4367 Download Manager <= 3.3.18 - Authenticated (Author+) Stored Cross-site Scripting via wpdm_user_dashboard Shortcode codename065Download Manager Medium 6.4 2025-06-19 03:40:13 Deep Dive
CVE-2025-3404 Download Manager <= 3.3.12 - Authenticated (Author+) Arbitrary File Deletion codename065Download Manager High 8.8 2025-04-19 07:23:40 Deep Dive
CVE-2025-3056 Download Manager <= 3.3.12 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload codename065Download Manager Medium 5.4 2025-04-18 08:21:37 Deep Dive
CVE-2025-1785 Download Manager <= 3.3.08 - Authenticated (Author+) Path Traversal to Limited File Overwrite codename065Download Manager Medium 5.4 2025-03-13 07:31:39 Deep Dive
CVE-2024-11768 Download manager <= 3.3.03 - Improper Authorization to Unauthenticated Download of Password-Protected Files codename065Download Manager Medium 5.3 2024-12-19 05:24:57 Deep Dive
CVE-2024-11740 Download Manager <= 3.3.03 - Unauthenticated Arbitrary Shortcode Execution codename065Download Manager High 7.3 2024-12-19 05:24:56 Deep Dive
CVE-2024-11225 Premium Packages – Sell Digital Products Securely <= 5.9.3 - Reflected Cross-Site Scripting via add_query_arg codename065Premium Packages – Sell Digital Products Securely Medium 6.1 2024-11-22 05:33:42 Deep Dive
CVE-2024-10164 Premium Packages - Sell Digital Products Securely <= 5.9.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpdmpp_pay_link Shortcode codename065Premium Packages – Sell Digital Products Securely Medium 6.4 2024-11-21 02:06:21 Deep Dive
CVE-2024-7386 Premium Packages – Sell Digital Products Securely <= 5.9.1 - Cross-Site Request Forgery codename065Premium Packages – Sell Digital Products Securely Medium 4.3 2024-09-25 02:04:59 Deep Dive
CVE-2024-7486 MultiPurpose <= 1.2.0 - Authenticated (Contributor+) PHP Object Injection codename065MultiPurpose High 8.8 2024-08-08 01:50:34 Deep Dive
CVE-2024-7560 News Flash <= 1.1.0 - Authenticated (Editor+) PHP Object Injection codename065News Flash High 7.2 2024-08-08 01:50:34 Deep Dive
CVE-2024-6208 Download Manager <= 3.2.97 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode codename065Download Manager Medium 6.4 2024-07-31 12:43:17 Deep Dive