Vulnerabilities > Wpdownloadmanager

DATE CVE VULNERABILITY TITLE RISK
2019-09-03 CVE-2019-15889 Cross-site Scripting vulnerability in Wpdownloadmanager Wordpress Download Manager
The download-manager plugin before 2.9.94 for WordPress has XSS via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter. 		4.3
4.3
2018-01-16 CVE-2017-18032 Cross-site Scripting vulnerability in Wpdownloadmanager Wordpress Download Manager
The download-manager plugin before 2.9.52 for WordPress has XSS via the id parameter in a wpdm_generate_password action to wp-admin/admin-ajax.php. 		4.3
4.3
2017-07-07 CVE-2017-2217 Open Redirect vulnerability in Wpdownloadmanager Wordpress Download Manager
Open redirect vulnerability in WordPress Download Manager prior to version 2.9.51 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. 		5.8
5.8
2017-07-07 CVE-2017-2216 Cross-site Scripting vulnerability in Wpdownloadmanager Wordpress Download Manager
Cross-site scripting vulnerability in WordPress Download Manager prior to version 2.9.50 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. 		4.3
4.3
2014-11-04 CVE-2014-8585 Link Following vulnerability in Wpdownloadmanager Wordpress Download Manager
Directory traversal vulnerability in the WordPress Download Manager plugin for WordPress allows remote attackers to read arbitrary files via a ..
network
low complexity
wpdownloadmanager CWE-59
5.0
5.0
2014-02-06 CVE-2013-7319 Cross-Site Scripting vulnerability in Wpdownloadmanager Wordpress Download Manager
Cross-site scripting (XSS) vulnerability in the Download Manager plugin before 2.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the title field. 		4.3
4.3