← Back

Secure Downloads

secure_downloads

Vendor: Wpbookingcalendar • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-8031
1Wpbookingcalendar
1Secure Downloads
Jun 12, 2025
May 15, 2025
N/A· v4
6.5 MEDIUM· v3
N/A· v2
The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which files can be downloaded. This makes it possible for authenticated attackers, with admin-level access and above, to downloa...Show more
The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which files can be downloaded. This makes it possible for authenticated attackers, with admin-level access and above, to download arbitrary files that may contain sensitive information like wp-config.php.Show less