WP-DownloadManager

Vulnerabilities 11Slug wp-downloadmanagerLatest version 1.69.1WordPress.org →

Minimum safe version

1.69.1

Update to 1.69.1 or later to address 11 fixable vulnerabilities

Latest available1.69.1
N/A
2026-02-17< 1.69.1

WP-DownloadManager <= 1.69 - Authenticated (Administrator+) Path Traversal to Arbitrary File Read via 'download_path' Parameter

WordfenceCVE
N/A
2026-02-17< 1.69.1

WP-DownloadManager <= 1.69 - Authenticated (Administrator+) Path Traversal to Arbitrary File Deletion via 'file' Parameter

WordfenceCVE
High 7.2
2025-06-11< 1.68.11

WP-DownloadManager <= 1.68.10 - Authenticated (Administrator+) Arbitrary File Deletion

EUVDWordfenceCVE
Medium 4.9
2025-06-11< 1.68.11

WordPress WP-DownloadManager Plugin <= 1.68.10 is vulnerable to Arbitrary File Download

PatchstackEUVDWordfenceCVE