← Back

Mandsconsulting

mandsconsulting

2 CVEs • 1 product

Products (1)

Click to collapse
Toggle
Email Before Download
email_before_download
2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2024-23519
1Mandsconsulting
1Email Before Download
Jun 17, 2026
Feb 29, 2024
N/A· v4
8.8 HIGH· v3
N/A· v2
Cross-Site Request Forgery (CSRF) vulnerability in M&S Consulting Email Before Download.This issue affects Email Before Download: from n/a through 6.9.7.
CVE-2021-24748
1Mandsconsulting
1Email Before Download
Jun 17, 2026
Nov 29, 2021
N/A· v4
8.8 HIGH· v3
6.5 MEDIUM· v2
The Email Before Download WordPress plugin before 6.8 does not properly validate and escape the order and orderby GET parameters before using them in SQL statements, leading to authenticated SQL injection issues