Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Wsm_downloader
(Wsm_downloader_project)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-08-08 | CVE-2022-2357 | The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php. | Wsm_downloader | 7.5 | ||
| 2022-08-08 | CVE-2022-2367 | The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation | Wsm_downloader | 7.5 |