| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-30910 | WordPress CM Download Manager plugin <= 2.9.6 - Arbitrary File Deletion vulnerability | CreativeMindsSolutions | CM Download Manager | High | 8.6 | 2025-04-01 05:31:41 | Deep Dive |
| CVE-2024-13126 | Download Manager < 3.3.07 - Unauthenticated Data Exposure | Unknown | Download Manager | 中危 | - | 2025-03-16 06:00:05 | Deep Dive |
| CVE-2025-1785 | Download Manager <= 3.3.08 - Authenticated (Author+) Path Traversal to Limited File Overwrite | codename065 | Download Manager | Medium | 5.4 | 2025-03-13 07:31:39 | Deep Dive |
| CVE-2024-13799 | User Private Files – File Upload & Download Manager with Secure File Sharing <= 2.1.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting | deepakkite | File Sharing & Download Manager – User Private Files | Medium | 6.4 | 2025-02-19 05:22:53 | Deep Dive |
| CVE-2024-56217 | WordPress Download Manager plugin <= 3.3.03 - Broken Access Control vulnerability | Shahjada | Download Manager | Medium | 4.3 | 2024-12-31 10:21:51 | Deep Dive |
| CVE-2024-10706 | Download Manager < 3.3.03 - Admin+ Stored XSS | Unknown | Download Manager | 中危 | - | 2024-12-20 06:00:04 | Deep Dive |
| CVE-2024-11768 | Download manager <= 3.3.03 - Improper Authorization to Unauthenticated Download of Password-Protected Files | codename065 | Download Manager | Medium | 5.3 | 2024-12-19 05:24:57 | Deep Dive |
| CVE-2024-11740 | Download Manager <= 3.3.03 - Unauthenticated Arbitrary Shortcode Execution | codename065 | Download Manager | High | 7.3 | 2024-12-19 05:24:56 | Deep Dive |
| CVE-2024-8444 | Download Manager < 3.3.00 - Contributor+ Stored XSS | Unknown | Download Manager | - | - | 2024-10-30 06:00:04 | Deep Dive |
| CVE-2024-49315 | WordPress FREE DOWNLOAD MANAGER plugin <= 1.0.0 - Arbitrary File Deletion vulnerability | CodeFlock | FREE DOWNLOAD MANAGER | - | - | 2024-10-17 13:29:24 | Deep Dive |
| CVE-2024-6208 | Download Manager <= 3.2.97 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | codename065 | Download Manager | Medium | 6.4 | 2024-07-31 12:43:17 | Deep Dive |
| CVE-2024-2098 | Download Manager <= 3.2.89 - Improper Authorization via protectMediaLibrary | codename065 | Download Manager | High | 7.5 | 2024-06-13 05:34:45 | Deep Dive |
| CVE-2024-1766 | Download Manager <= 3.2.86 - Authenticated (Subscriber+) Stored Self-Based Cross-Site Scripting | codename065 | Download Manager | Medium | 4.4 | 2024-06-12 11:05:08 | Deep Dive |
| CVE-2024-5266 | Download Manager <= 3.2.92 - Authenticated (Author+) Stored Cross-Site Scripting via Multiple Shortcodes | codename065 | Download Manager | Medium | 6.4 | 2024-06-12 08:33:19 | Deep Dive |
| CVE-2024-4001 | Download Manager <= 3.2.93 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpdm_modal_login_form Shortcode | codename065 | Download Manager | Medium | 6.4 | 2024-06-05 11:01:59 | Deep Dive |
| CVE-2024-4160 | Download Manager <= 3.2.90 - Authenticated (Contributor+) Stored Cross-Site Scripting via wpdm-all-packages Shortcode | codename065 | Download Manager | Medium | 6.4 | 2024-05-31 09:31:40 | Deep Dive |
| CVE-2024-32131 | WordPress Download Manager plugin <= 3.2.82 - File Password Lock Bypass vulnerability | W3 Eden Inc. | Download Manager | Medium | 5.3 | 2024-05-17 08:18:51 | Deep Dive |
| CVE-2024-1962 | CM Download and File Manager < 2.9.1 - Download Edit via CSRF | Unknown | CM Download Manager | - | - | 2024-03-25 05:00:02 | Deep Dive |
| CVE-2024-1232 | CM Download Manager < 2.9.0 - Download Deletion via CSRF | Unknown | CM Download Manager | - | - | 2024-03-25 05:00:01 | Deep Dive |
| CVE-2024-1231 | CM Download and File Manager < 2.9.0 - Download Unpublish via CSRF | Unknown | CM Download Manager | - | - | 2024-03-25 05:00:01 | Deep Dive |