Vulnerabilities > CVE-2023-1809 - Unspecified vulnerability in Wpdownloadmanager Download Manager 6.0.0

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

wpdownloadmanager

NVD

Published: 2023-05-02

Updated: 2023-11-07

Summary

The Download Manager WordPress plugin before 6.3.0 leaks master key information without the need for a password, allowing attackers to download arbitrary password-protected package files.

Vulnerable Configurations

Part	Description	Count
Application	Wpdownloadmanager Wpdownloadmanager Download Manager 6.0.0	1

References

https://wpscan.com/vulnerability/57f0a078-fbeb-4b05-8892-e6d99edb82c1