Vulnerabilities > W3Eden > Download Manager > 3.3.01

DATE CVE VULNERABILITY TITLE RISK
2024-12-31 CVE-2024-56217 Missing Authorization vulnerability in W3Eden Download Manager
Missing Authorization vulnerability in W3 Eden, Inc.
network
low complexity
w3eden CWE-862
6.3
6.3
2024-12-19 CVE-2024-11740 Code Injection vulnerability in W3Eden Download Manager
The The Download Manager plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.3.03.
network
low complexity
w3eden CWE-94
7.3
7.3
2024-12-19 CVE-2024-11768 Unspecified vulnerability in W3Eden Download Manager
The Download Manager plugin for WordPress is vulnerable to unauthorized download of password-protected content due to improper password validation on the checkFilePassword function in all versions up to, and including, 3.3.03.
network
low complexity
w3eden
5.3
5.3