Simple Download Counter < 2.1 – Authenticated (Author+) Arbitrary File Read | CVE 2025-1730 | Plugin Vulnerabilities

Description

The Simple Download Counter plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and including, 2.0 via the 'simple_download_counter_download_handler'. This makes it possible for authenticated attackers, with Author-level access and above, to extract sensitive data including any local file on the server, such as wp-config.php or /etc/passwd.

Affects Plugins

simple-download-counter

Fixed in 2.1

References

CVE

URL

https://www.wordfence.com/threat-intel/vulnerabilities/id/d0eafb20-4ef2-448b-9da7-ad8aa9e45215

Classification

Type

FILE DELETION

OWASP top 10

A6: Security Misconfiguration

CWE

CVSS

Miscellaneous

Original Researcher

omstaendlig

Verified

No

WPVDB ID

5ba6f077-6f0d-414a-8536-941a3d47eeb7

Timeline

Publicly Published

2025-02-28 (about 1 year ago)

Added

2025-02-28 (about 1 year ago)

Last Updated

2025-03-01 (about 1 year ago)

Other

Published

Title

Published

2025-03-06

Title

CS Framework <= 7.1 - Authenticated (Subscriber+) Arbitrary File Read

Published

2021-04-13

Title

CM Download Manager < 2.8.0 - Authenticated Arbitrary File Deletion

Published

2026-05-26

Title

Xpro Elementor Addons - Pro < 1.4.8 - Authenticated (Contributor+) Arbitrary File Read via Draw SVG

Published

2025-03-25

Title

Import Export Suite for CSV and XML Datafeed < 7.19.1 - Subscriber+ Arbitrary File Deletion

Published

2026-04-10

Title

wpForo Forum < 3.0.3 - Authenticated (Subscriber+) Arbitrary File Deletion via 'data[body][fileurl]' Parameter