Sunnatillo Abdivasiyev

**Name of the Vulnerable Software and Affected Versions** WP-DownloadManager plugin for WordPress versions prior to 1.70 **Description** The WP-DownloadManager plugin for WordPress is susceptible to a Path Traversal issue due to inadequate validation of the `download path` configuration parameter. This allows attackers with Administrator-level access or higher to bypass the WP CONTENT DIR prefix check and potentially access arbitrary files on the server through the file browser functionality. The issue exists because of insufficient validation of the download path setting. **Recommendations** Update the WP-DownloadManager plugin to version 1.70 or later.

**Name of the Vulnerable Software and Affected Versions** WP-DownloadManager versions prior to 1.69 **Description** The WP-DownloadManager plugin for WordPress is susceptible to a Path Traversal issue due to inadequate validation of file paths provided by users. This affects the file deletion functionality, specifically through the `file` parameter. Successful exploitation allows authenticated attackers with Administrator-level access or higher to delete arbitrary files on the server. Deletion of critical files, such as `wp-config.php`, could lead to remote code execution. **Recommendations** Update WP-DownloadManager to a version newer than 1.69.

**Nome do Software Vulnerável e Versões Afetadas** Plugin WP-DownloadManager para WordPress em versões anteriores à 1.68.12 **Descrição** O plugin WP-DownloadManager para WordPress está suscetível a upload irrestrito de arquivos devido à falta de validação de tipo de arquivo no arquivo `download-add.php`. Isso permite que atacantes com acesso de nível de Administrador ou superior façam upload de arquivos arbitrários para o servidor, potencialmente levando à execução remota de código. **Recomendações** Atualize o plugin WP-DownloadManager para a versão 1.68.12 ou posterior.