Z-Downloads

Vulnerabilities 5Slug z-downloadsLatest version 1.12.1WordPress.org →

Minimum safe version

1.11.8

Update to 1.11.8 or later to address 5 fixable vulnerabilities

Latest available1.12.1
Medium 6.1
2025-05-15< 1.11.6

Z-Downloads <= 1.11.5 - Unauthenticated Stored Cross-Site Scripting

EUVDWordfenceCVE
High 7.2
2025-05-15< 1.11.5

Z-Downloads <= 1.11.4 - Authenticated (Admin+) Arbitrary File Upload

EUVDWordfenceCVE
Critical 9.1
2025-05-15< 1.11.7

Z-Downloads <= 1.11.6 - Authenticated (Admin+) Stored Cross-Site Scripting via SVG

EUVDWordfenceCVE