WPScan
How it worksPricing
Vulnerabilities
WordPressPluginsThemesStatsSubmit vulnerabilities
For developers
StatusAPI detailsCLI scanner
Contact

WordPress Plugin Vulnerabilities

Simple Download Monitor

2021-12-21
Simple Download Monitor < 3.9.11 - Contributor+ Stored Cross-Site Scripting via Shortcodes
Fixed in version 3.9.11
2021-12-21
Simple Download Monitor < 3.9.9 - Multiple CSRF
Fixed in version 3.9.9
2021-10-05
Simple Download Monitor < 3.9.6 - Unauthorised Log Reset
Fixed in version 3.9.6
2021-10-05
Simple Download Monitor < 3.9.6 - Arbitrary Thumbnails Removal
Fixed in version 3.9.6
2021-10-05
Simple Download Monitor < 3.9.6 - Unauthenticated Log Access
Fixed in version 3.9.6
2021-10-05
Simple Download Monitor < 3.9.5 - Reflected Cross-Site Scripting
Fixed in version 3.9.5
2021-10-05
Simple Download Monitor < 3.9.5 - Contributor+ Stored Cross-Site Scripting via File Thumbnail
Fixed in version 3.9.5
2021-09-02
Simple Download Monitor < 3.9.5 - Contributor+ Arbitrary File Download via Path Traversal
Fixed in version 3.9.5
2020-10-21
Simple Download Monitor < 3.8.9 - Unauthenticated Cross-Site Scripting
Fixed in version 3.8.9
2020-10-21
Simple Download Monitor < 3.8.9 - SQL Injection
Fixed in version 3.8.9
2018-01-02
Simple Download Monitor <= 3.5.3 - Authenticated Cross-Site Scripting (XSS)
Fixed in version 3.5.4
2016-01-19
Simple Download Monitor <= 3.2.8 - Insufficient Authorisation
Fixed in version 3.2.9