Cminds: >> Cm Download Manager >> 2.9.0 Security Vulnerabilities
The CM Download Manager WordPress plugin before 2.9.1 does not have CSRF checks in some places, which could allow attackers to make logged in admins edit downloads via a CSRF attack
CVSS Score
8.8
EPSS Score
0.006
Published
2024-03-25