Download Manager < 3.2.71 - Broken Access Controls
CVE-2023-1524
6.5MEDIUM
Key Information:
- Vendor
- Wordpress
- Status
- Vendor
- CVE Published:
- 30 May 2023
Badges
πΎ Exploit Existsπ‘ Public PoC
Summary
The Download Manager WordPress plugin before 3.2.71 does not adequately validate passwords for password-protected files. Upon validation, a master key is generated and exposed to the user, which may be used to download any password-protected file on the server, allowing a user to download any file with the knowledge of any one file's password.
Affected Version(s)
Download Manager 0 < 3.2.71
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.
References
CVSS V3.1
Score:
6.5
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
- π‘
Public PoC available
- πΎ
Exploit known to exist
Vulnerability published
Vulnerability Reserved
Credit
Johan Kragt
WPScan