PT-2024-15083 · WordPress · Download Manager

Wesley · Published 2024-03-13 · Updated 2024-03-13 · CVE-2023-6785

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Download Manager plugin for WordPress versions up to, and including, 3.2.84

Description

The issue allows unauthorized download of files added via the plugin: unauthenticated attackers can download files, even those privately published.

Recommendations

For versions up to, and including, 3.2.84, update to a version later than 3.2.84 to resolve the issue. As a temporary workaround, consider restricting access to the Download Manager plugin until a patch is available.

Fix

Improper Access Control

Missing Authorization

Weakness Enumeration

Related Identifiers

CVE-2023-6785

Affected Products

Download Manager