WordPress Plugin Vulnerabilities

Download Manager < 3.2.51 - Contributor+ Arbitrary File Deletion

Description

The plugin does not properly validate the path of the file saved within the download post to ensure it is a safe file type or is associated with a download post. As a result, authenticated users able to create downloads, could delete arbitrary files from the server

Affects Plugins

Plugin icon
download-manager
Fixed in 3.2.51

References

CVE
CVE-2022-2431
URL
https://www.wordfence.com/blog/2022/08/high-severity-vulnerability-patched-in-download-manager-plugin/

Classification

Type
FILE DELETION
OWASP top 10
A6: Security Misconfiguration
CWE
CWE-73
CVSS
8.1 (high)

Miscellaneous

Original Researcher
Chloe Chamberland
Verified
Yes
WPVDB ID
0f249c1a-ccab-4746-b55b-23d7e3218d24

Timeline

Publicly Published
2022-08-03 (about 3 years ago)
Added
2022-08-03 (about 3 years ago)
Last Updated
2023-04-12 (about 3 years ago)

Other

Published
Title
Published
2026-05-13
Title
Motors – Car Dealer, Classifieds & Listing < 1.4.108 - Authenticated (Subscriber+) Arbitrary File Deletion via 'stm_dealer_logo_path' Parameter
Published
2025-03-21
Title
Export and Import Users and Customers < 2.6.3 - Directory Traversal to Authenticated (Administrator+) Limited Arbitrary File Deletion via admin_log_page Function
Published
2024-07-16
Title
BookingPress Appointment Booking < 1.1.6 - Authenticated (Subscriber+) Arbitrary File Read to Arbitrary File Creation
Published
2025-11-20
Title
简数采集器 < 2.6.4 - Authenticated (Admin+) Arbitrary File Read
Published
2025-12-11
Title
WP User Manager < 2.9.13 - Authenticated (Subscriber+) Arbitrary File Deletion via 'current_user_avatar' Parameter