Metagauss: >> Download Plugin Security Vulnerabilities
The Download Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability checks on the 'dpwap_handle_download_user' and 'dpwap_handle_download_comment' functions in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to download any comment, and download metadata for any user including user PII and sensitive information including username, email, hashed passwords and application passwords, session token information and more depending on set up and additional plugins installed.
CVSS Score
6.5
EPSS Score
0.002
Published
2024-10-23
Cross-Site Request Forgery (CSRF) vulnerability in Metagauss Download PluginĀ <= 2.0.4 versions.
CVSS Score
4.3
EPSS Score
0.001
Published
2023-05-28
The Download Plugin WordPress plugin before 2.0.0 does not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site (such as subscriber) to download a full copy of the website.
CVSS Score
4.3
EPSS Score
0.001
Published
2022-11-28
The Download Plugin WordPress plugin before 1.6.1 does not have capability and CSRF checks in the dpwap_plugin_activate AJAX action, allowing any authenticated users, such as subscribers, to activate plugins that are already installed.
CVSS Score
5.7
EPSS Score
0.001
Published
2021-11-23