Vulnerabilities > WSM Downloader Project

DATE	CVE	VULNERABILITY TITLE	RISK
2022-08-08	CVE-2022-2357	Files or Directories Accessible to External Parties vulnerability in WSM Downloader Project WSM Downloader 1.4.0 The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php. network low complexity wsm-downloader-project CWE-552	7.5
2022-08-08	CVE-2022-2367	Authorization Bypass Through User-Controlled Key vulnerability in WSM Downloader Project WSM Downloader 1.4.0 The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation network low complexity wsm-downloader-project CWE-639	7.5

Vulnerabilities > WSM Downloader Project {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"WSM Downloader Project"}]}