Wpbookingcalendar: >> Secure Downloads Security Vulnerabilities
The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which files can be downloaded. This makes it possible for authenticated attackers, with admin-level access and above, to download arbitrary files that may contain sensitive information like wp-config.php.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-05-15