WordPress Plugin Vulnerabilities

Simple Download Monitor <= 3.2.8 - Insufficient Authorisation

Description

The Simple Download Monitor WordPress plugin was affected by an Insufficient Authorisation security vulnerability.

Affects Plugins

Plugin icon
simple-download-monitor
Fixed in 3.2.9

References

URL
https://www.pritect.net/blog/simple-download-monitor-3-2-8-security-vulnerability

Classification

Type
AUTHBYPASS
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-287

Miscellaneous

Submitter
James Golovich
Submitter website
http://pritect.net
Submitter twitter
Pritect
Verified
No
WPVDB ID
cdcdb594-8b52-4d47-9047-14938f56b0d0

Timeline

Publicly Published
2016-01-19 (about 10 years ago)
Added
2016-01-19 (about 10 years ago)
Last Updated
2019-10-31 (about 6 years ago)

Other

Published
Title
Published
2025-04-07
Title
Asgaros Forum < 3.1.0 - Subscriber+ Authorization Bypass
Published
2016-07-19
Title
Form Lightbox - Arbitrary Option Update Leading to Admin Account
Published
2014-08-01
Title
Spam Free Plugin 1.9.2 - IP Blocklist Restriction Bypass
Published
2016-07-06
Title
WP Maintenance Mode <= 2.0.6 - Missing Settings Authorization
Published
2015-03-09
Title
MainWP Child <= 2.0.9.1 - Authentication Bypass