Arbitrary File Download Vulnerability in Download Monitor Plugin by WordPress
CVE-2026-39489
4.4MEDIUM
What is CVE-2026-39489?
The Download Monitor plugin for WordPress versions 5.1.9 and below is susceptible to an arbitrary file download vulnerability. This flaw allows unauthorized users to download files from the server, potentially leading to exposure of sensitive information. It is crucial for users and administrators to update to the latest version to mitigate any risks associated with this vulnerability.
Affected Version(s)
Download Monitor <= 5.1.9