WordPress Download Plugin Vulnerabilities

Wordpress Download Plugin vulnerabilities.

JSON RSS CSV 🔔 Create Alert Trigger

7 May 2025

Insecure Direct Object Reference in WP SmartPay Plugin for WordPress
CVE-2025-3851
WordPressDownload Manager And P...4.3MEDIUM

23 October 2024

Unauthorized Access of Data in Download Plugin for WordPress
CVE-2024-9829
WordpressDownload Plugin6.5MEDIUM

16 October 2024

Freemius SDK Vulnerabilities Affect Hundreds of WordPress Plugins and Themes
CVE-2022-4974
WordpressYasr – Yet Another Sta...6.3MEDIUM

11 October 2024

Unauthenticated Cross-Site Scripting Vulnerability in Dashboard Plugin for WordPress
CVE-2024-9232
WordpressDownload Plugins And T...6.1MEDIUM

16 August 2024

Cross-Site Request Forgery Vulnerability in Download Plugins and Themes in ZIP
CVE-2024-7501
WordpressDownload Plugins And T...4.2MEDIUM

17 October 2023

Halulu simple-download-button-shortcode Plugin Download simple-download-button_dl.php information disclosure
CVE-2012-10016
WordpressSimple-download-button...4.3MEDIUM

28 May 2023

WordPress Download Plugin Plugin <= 2.0.4 is vulnerable to Cross Site Request Forgery (CSRF)
CVE-2022-36345
WordPressDownload Plugin4.3MEDIUM

4 March 2023

Media Downloader Plugin getfile.php dl_file_resumable cross site scripting
CVE-2014-125090
WordpressMedia Downloader Plugin3.5LOW

20 January 2023

Unauthenticated SQL Injection in Easy Digital Downloads Plugin for WordPress
CVE-2023-23489
WordpressEasy Digital Downloads...EPSS 83%9.8CRITICAL

28 November 2022

Download Plugin < 2.0.0 - Subscriber+ Website Download
CVE-2021-25059
WordpressDownload Plugin👾🟡4.3MEDIUM

23 August 2022

22 August 2022

WordPress Download Manager plugin <= 3.2.48 - Cross-Site Request Forgery (CSRF) vulnerability
CVE-2022-34347
WordPressDownload Manager (Word...8.8HIGH

24 June 2022

WP-Filebase Download Manager Plugin cross site scriting
CVE-2017-20097
WordPressWP-filebase Download M...3.5LOW

14 January 2022

WordPress plugin Download Monitor <= 4.4.6 - Authenticated Reflected Cross-Site Scripting (XSS) vulnerability
CVE-2021-36920
WordPressDownload Monitor (Word...4.8MEDIUM

23 November 2021

Download Plugin < 1.6.1 - Subscriber+ Arbitrary Plugin Activation
CVE-2021-24703
WordpressDownload Plugin5.7MEDIUM

17 November 2021

Shared Files < 1.6.61 - Admin+ Stored Cross-Site Scripting
CVE-2021-24856
WordpressShared Files – Easy Do...4.8MEDIUM

18 October 2021

Shared Files < 1.6.57 - Admin+ Stored Cross-Site Scripting
CVE-2021-24736
WordpressEasy Download Manager ...4.8MEDIUM

7 October 2019

Unauthenticated Stored XSS in Download Plugins Dashboard for WordPress
CVE-2019-17239
WordpressDownload Plugins And T...6.1MEDIUM

30 April 2008

SQL Injection Vulnerability in Download Monitor Plugin for WordPress
CVE-2008-2034
WordpressDownload Monitor Plugin