WSM Downloader <= 1.4.0 - Domain Name Restriction Bypass
CVE-2022-2367
7.5HIGH
What is CVE-2022-2367?
The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation
Affected Version(s)
WSM Downloader 1.4.0