Media Library File Download

Vulnerabilities 6Slug media-downloadLatest version 1.4WordPress.org →

Minimum safe version

1.1

Update to 1.1 or later to address 4 fixable vulnerabilities

Latest available1.4 ⚠ 2 vulnerabilities have no fix
Medium 4.3 Unfixed
2025-12-09≤ 1.4

CVE-2025-62103

CVEWordfence
Medium 6.3
2024-10-16< 1.1

Freemius SDK <= 2.4.2 - Missing Authorization Checks

CVE
N/A Unfixed
2023-07-18≤ 1.4

WordPress Media Library File Download Plugin <= 1.4 is vulnerable to Cross Site Scripting (XSS)

PatchstackWPScanCVE
N/A
2022-03-04< 1.1

Freemius SDK <= 2.4.2 - Missing Authorization Checks

Wordfence
N/A
2022-02-28< 1.1

WordPress Media Library File Download plugin <= 1.0 - Sensitive Information Disclosure vulnerability

Patchstack
N/A
2022-02-28< 1.1

WordPress Media Library File Download plugin <= 1.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Patchstack