Back to search
CVE-2024-8031
Published: May 15, 2025
Modified: May 17, 2025
PUBLISHED
Description
The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which files can be downloaded. This makes it possible for authenticated attackers, with admin-level access and above, to download arbitrary files that may contain sensitive information like wp-config.php.
| Vendor | Product | Versions |
|---|---|---|
Unknown | Secure Downloads | affected 0 - < 1.2.3 |
References
https://wpscan.com/vulnerability/c6f54e6f-0a50-424f-ae3a-00b9880d9f13/
exploit
vdb-entry
technical-description
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now