Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Download Manager — Vulnerabilities & Security Advisories 50

All 50 CVE vulnerabilities found in Download Manager, with AI-generated Chinese analysis, references, and POCs.

Vendor: W3 Eden, Inc.

CVE IDTitleCVSSSeverityPublished
CVE-2024-32131 WordPress Download Manager plugin <= 3.2.82 - File Password Lock Bypass vulnerability CWE-200 5.3 Medium2024-05-17
CVE-2024-29114 WordPress Download Manager plugin <= 3.2.84 - Cross Site Scripting (XSS) vulnerability CWE-79 6.5 Medium2024-03-19
CVE-2023-6785 Download Manager <= 3.2.84 - Missing Authorization CWE-284 5.3 Medium2024-03-13
CVE-2023-6954 Download Manager <= 3.2.85 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CWE-79 6.4 Medium2024-03-13
CVE-2023-6421 Download Manager < 3.2.83 - Unauthenticated Protected File Download Password Leak 7.5 -2024-01-01
CVE-2023-2305 Download Manager <= 3.2.70 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode CWE-79 6.4 Medium2023-06-09
CVE-2023-1524 Download Manager < 3.2.71 - Broken Access Controls 6.5 -2023-05-30
CVE-2023-1809 Download Manager Pro < 6.3.0 - Unauthenticated Sensitive Information Disclosure 7.5 -2023-05-02
CVE-2022-45836 WordPress Download Manager Plugin <= 3.2.59 is vulnerable to Cross Site Scripting (XSS) CWE-79 7.1 High2023-04-18
CVE-2022-4476 Download Manager < 3.2.62 - Contributor+ Stored XSS 5.4 -2023-01-16
CVE-2022-2926 Download Manager < 3.2.55 - Admin+ Arbitrary File/Folder Access via Path Traversal CWE-22 4.9 -2022-09-26
CVE-2022-2436 Download Manager <= 3.2.49 - Authenticated (Contributor+) PHAR Deserialization CWE-502 8.8 High2022-09-06
CVE-2022-2431 Download Manager <= 3.2.50 - Authenticated (Contributor+) Arbitrary File Deletion CWE-73 8.1 High2022-09-06
CVE-2022-2362 Download Manager < 3.2.50 - Bypass IP Address Blocking Restriction CWE-79 9.1 -2022-08-22
CVE-2022-2101 Download Manager <= 3.2.46 - Contributor+ Cross-Site Scripting CWE-79 6.4 Medium2022-07-18
CVE-2022-2168 Download Manager < 3.2.44 - Reflected Cross-Site Scripting CWE-79 6.1 -2022-07-17
CVE-2022-1985 Download Manager <= 3.2.42 - Reflected Cross-Site Scripting CWE-79 6.1 Medium2022-06-13
CVE-2022-0828 Download Manager < 3.2.39 - Unauthenticated brute force of files master key 7.5 -2022-04-11
CVE-2021-25087 Wordpress Download Manager < 3.2.25 - Sensitive Information Disclosure CWE-862 7.5 -2022-03-07
CVE-2021-25069 WordPress Download Manager < 3.2.34 - Authenticated SQL Injection to Reflected XSS CWE-89 9.8 -2022-02-21

All 50 known CVE vulnerabilities affecting Download Manager with full Chinese analysis, references, and POCs where available.