Download Monitor
WP Chill
Developer
5.1.14
Latest version
80,000
Installations
No date
Last updated
Vulnerability history
0 present
26 patched
5 Mitigation rules
- Non-Arbitrary File Download vulnerability<= 5.1.920/04/2026
- Cross-Site Request Forgery to Download Path Deletion and Disabling vulnerability<= 5.1.1007/04/2026
- Insecure Direct Object Reference to Unauthenticated Arbitrary Order Completion via 'token' and 'order_id' vulnerability<= 5.1.730/03/2026
- SQL Injection vulnerability<= 5.1.825/03/2026
- Local File Inclusion Vulnerability<= 5.0.2207/05/2025
- Missing Authorization to Sensitive Information Exposure vulnerability<= 5.0.1329/10/2024
- Missing Authorization to API Key Manipulation vulnerability<= 5.0.1225/10/2024
- Missing Authorization to Authenticated (Subscriber+) Shop Enable vulnerability<= 5.0.926/09/2024
- Missing Authorization vulnerability<= 4.9.1329/05/2024
- Auth. SQL Injection vulnerability<= 4.9.428/03/2024
- Authenticated SQL Injection vulnerability< 4.9.508/01/2024
- Arbitrary File Upload vulnerability<= 4.8.313/06/2023
- Server Side Request Forgery (SSRF) vulnerability<= 4.8.130/05/2023
- Sensitive Data Exposure vulnerability<= 4.7.6010/05/2023
- Authenticated Arbitrary File Download vulnerability<= 4.5.9719/09/2022
- Authenticated Arbitrary File Download vulnerability<= 4.5.927/06/2022
- Authenticated Persistent Cross-Site Scripting (XSS) vulnerability<= 4.4.629/10/2021
- Authenticated Arbitrary File Download vulnerability<= 4.4.629/10/2021
- Authenticated Reflected Cross-Site Scripting (XSS) vulnerability<= 4.4.629/10/2021
- SQL Injection (SQLi) vulnerability<= 4.4.420/10/2021
- Authenticated Directory Listing<= 1.6.311/08/2016
- Cross Site Scripting<= 1.7.015/05/2015
- XSS #1<= 3.3.6.109/08/2013
- XSS #2<= 3.3.6.122/04/2013
- Cross Site Scripting<= 3.3.5.730/08/2012
- SQL Injection<= 2.0.630/04/2008