Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Wsm Downloader Project Subscribe
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-2357 1 Wsm Downloader Project 1 Wsm Downloader 2022-08-12 N/A 7.5 HIGH
The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php.
CVE-2022-2367 1 Wsm Downloader Project 1 Wsm Downloader 2022-08-11 N/A 7.5 HIGH
The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation