Filtered by vendor Metagauss
Subscriptions
Filtered by product Download Plugin
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-25059 | 1 Metagauss | 1 Download Plugin | 2023-11-07 | 4.3 Medium |
| The Download Plugin WordPress plugin before 2.0.0 does not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site (such as subscriber) to download a full copy of the website. | ||||
| CVE-2022-36345 | 1 Metagauss | 1 Download Plugin | 2023-06-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Download PluginĀ <= 2.0.4 versions. | ||||
| CVE-2021-24703 | 1 Metagauss | 1 Download Plugin | 2022-10-24 | 5.7 Medium |
| The Download Plugin WordPress plugin before 1.6.1 does not have capability and CSRF checks in the dpwap_plugin_activate AJAX action, allowing any authenticated users, such as subscribers, to activate plugins that are already installed. | ||||
Page 1 of 1.