Arbitrary File Read Vulnerability in WP-DownloadManager Plugin by WordPress

CVE-2025-4798

What is CVE-2025-4798?

CVE-2025-4798 is a vulnerability affecting the WP-DownloadManager plugin for WordPress, applicable to all versions up to and including 1.68.10. This plugin is designed to manage file downloads within WordPress sites, allowing users to upload, manage, and share files. The vulnerability arises from inadequate restrictions on the directory an administrator can choose for storing downloads. Consequently, this flaw permits authenticated attackers, who possess Administrator-level access, to exploit the system by downloading and reading sensitive files stored on the server. Such access can encompass critical system and configuration files, potentially leading to severe data exposure and compromise of the overall server integrity, which poses a grave risk to any organization utilizing the plugin.

Potential impact of CVE-2025-4798

1. Data Exposure: The vulnerability enables malicious users to access and download sensitive files, including system and configuration files, which may contain confidential information or sensitive user data. This could lead to unauthorized disclosure of proprietary or private information.

2. Server Compromise: By gaining access to critical system files, attackers could potentially exploit other vulnerabilities or create backdoors within the server. This could lead to broader system compromises, increasing the risk of further exploitation.

3. Increased Attack Surface: Organizations utilizing the WP-DownloadManager plugin may face an increased risk of targeted attacks, especially if the exploit is discovered by malicious actors. Unauthorized access can expose organizations to further cybersecurity threats, including potential data breaches and ransomware attacks.

References