Vulnerabilities > Wpdownloadmanager > Wordpress Download Manager > 3.1.17

DATE CVE VULNERABILITY TITLE RISK
2021-08-05 CVE-2021-34639 Unrestricted Upload of File with Dangerous Type vulnerability in Wpdownloadmanager Wordpress Download Manager
Authenticated File Upload in WordPress Download Manager <= 3.1.24 allows authenticated (Author+) users to upload files with a double extension, e.g.
network
low complexity
wpdownloadmanager CWE-434
6.5
6.5