WordPress Plugin Vulnerabilities

CM Download and File Manager < 2.9.0 - Download Unpublish via CSRF

Description

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in admins unpublish downloads via a CSRF attack

Proof of Concept

Affects Plugins

Plugin icon
cm-download-manager
Fixed in 2.9.0

References

CVE
CVE-2024-1231
YouTube Video

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352
CVSS
5.4 (medium)

Miscellaneous

Original Researcher
Sushmita Poudel
Submitter
Sushmita Poudel
Submitter website
https://susmitapoudel.com.np
Submitter twitter
poudelsushmita1
Verified
Yes
WPVDB ID
7d3968d9-61ed-4c00-8764-0360cf03255e

Timeline

Publicly Published
2024-03-04 (about 1 year ago)
Added
2024-03-04 (about 1 year ago)
Last Updated
2024-03-04 (about 1 year ago)

Other

Published
Title
Published
2021-07-05
Title
Woo MerchantX <= 1.0 - CSRF Bypass
Published
2023-04-19
Title
SiteAlert (Formerly WP Health) <= 1.9.8 - Cross-Site Request Forgery
Published
2022-12-14
Title
ipBlockList <= 1.0 - CSRF
Published
2023-11-07
Title
Droit Dark Mode <= 1.1.2 - Cross-Site Request Forgery
Published
2025-04-09
Title
WP w3all phpBB < 3.0.0 - Stored XSS via CSRF