WP-DownloadManager

Lester Chan

Developer

1.69.1

Latest version

3,000

Installations

No date

Last updated

WordPress Plugin

No VDP

Claim ownership

Report vulnerability

Vulnerabilities

Security Contributors

Vulnerability history

0 present

9 patched

1 Mitigation rules

Authenticated (Administrator+) Path Traversal to Arbitrary File Deletion via 'file' Parameter vulnerability
<= 1.69
18/02/2026
Authenticated (Administrator+) Path Traversal to Arbitrary File Read via 'download_path' Parameter vulnerability
<= 1.69
18/02/2026
Authenticated (Administrator+) Arbitrary File Deletion vulnerability
<= 1.68.10
31/12/2025
Authenticated (Admin+) Arbitrary File Upload vulnerability
<= 1.68.11
25/09/2025
Authenticated (Administrator+) Arbitrary File Read vulnerability
<= 1.68.10
11/06/2025
Reflected Cross Site Scripting (XSS) vulnerability
<= 1.68.8
27/09/2024
Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
<= 1.68.6
12/01/2022
Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
<= 1.68.5
10/01/2022
Authenticated Reflected Cross-Site Scripting (XSS) vulnerability
<= 1.68.6
08/12/2021