Liu Shaohong

**Name of the Vulnerable Software and Affected Versions** W3 Eden Inc. Download Manager versions 3.2.82 and earlier **Description** The issue is related to Exposure of Sensitive Information to an Unauthorized Actor, allowing Functionality Bypass in W3 Eden Inc. Download Manager. **Recommendations** For versions 3.2.82 and earlier, update to a version that contains a fix for this issue, as the current version allows unauthorized access to sensitive information. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Download Manager WordPress plugin versions prior to 3.2.83 **Description** The issue concerns the Download Manager WordPress plugin, which does not protect file download passwords. When an invalid password is received, the password is leaked. **Recommendations** For versions prior to 3.2.83, update to version 3.2.83 or later to resolve the issue. As a temporary workaround, consider restricting access to the file download feature until the update is applied.