PT-2025-17370 · WordPress · Download Manager
Audrey François
+1
·
Published
2025-04-19
·
Updated
2025-04-22
·
CVE-2025-3404
CVSS v3.1
8.8
High
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Download Manager plugin for WordPress versions up to, and including, 3.3.12
Description
The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the
savePackage function. This makes it possible for authenticated attackers, with Author-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted, such as wp-config.php.Recommendations
For versions up to, and including, 3.3.12, update to a version that fixes the
savePackage function issue to prevent arbitrary file deletion.
As a temporary workaround, consider disabling the savePackage function until a patch is available.
Restrict access to the Download Manager plugin to minimize the risk of exploitation.
Avoid using the plugin until the issue is resolved.Fix
RCE
Path traversal
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Download Manager