Cross-site request forgery (CSRF) vulnerability in the WP-DownloadManager plugin before 1.61 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.
References
Configurations
Configuration 1 (hide)
| AND |
|
History
14 Jan 2026, 19:07
| Type | Values Removed | Values Added |
|---|---|---|
| First Time |
Lesterchan
Lesterchan wp-downloadmanager |
|
| CPE | cpe:2.3:a:lester_chan:wp-downloadmanager:1.31:*:*:*:*:*:*:* cpe:2.3:a:lester_chan:wp-downloadmanager:1.40:*:*:*:*:*:*:* cpe:2.3:a:lester_chan:wp-downloadmanager:1.30:*:*:*:*:*:*:* cpe:2.3:a:lester_chan:wp-downloadmanager:1.50:*:*:*:*:*:*:* cpe:2.3:a:lester_chan:wp-downloadmanager:1.00:*:*:*:*:*:*:* |
cpe:2.3:a:lesterchan:wp-downloadmanager:*:*:*:*:*:*:*:* cpe:2.3:a:lesterchan:wp-downloadmanager:1.40:*:*:*:*:*:*:* cpe:2.3:a:lesterchan:wp-downloadmanager:1.50:*:*:*:*:*:*:* cpe:2.3:a:lesterchan:wp-downloadmanager:1.00:*:*:*:*:*:*:* cpe:2.3:a:lesterchan:wp-downloadmanager:1.30:*:*:*:*:*:*:* cpe:2.3:a:lesterchan:wp-downloadmanager:1.31:*:*:*:*:*:*:* |
21 Nov 2024, 01:52
| Type | Values Removed | Values Added |
|---|---|---|
| References | () http://secunia.com/advisories/52863 - Vendor Advisory | |
| References | () http://wordpress.org/extend/plugins/wp-downloadmanager/changelog/ - |
Information
Published : 2013-04-19 11:44
Updated : 2026-01-14 19:07
NVD link : CVE-2013-2697
Mitre link : CVE-2013-2697
CVE.ORG link : CVE-2013-2697
JSON object : View
Products Affected
wordpress
- wordpress
lesterchan
- wp-downloadmanager
CWE
CWE-352
Cross-Site Request Forgery (CSRF)