Vulnerabilities > Metagauss > Download Plugin > 2.0.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-10-23 | CVE-2024-9829 | Missing Authorization vulnerability in Metagauss Download Plugin The Download Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability checks on the 'dpwap_handle_download_user' and 'dpwap_handle_download_comment' functions in all versions up to, and including, 2.2.0. | 6.5 |
| 2023-05-28 | CVE-2022-36345 | Unspecified vulnerability in Metagauss Download Plugin Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Download Plugin <= 2.0.4 versions. | 8.8 |