← Retour aux CVEs

CVE-2026-2419

LOW

2.7

Description

The WP-DownloadManager plugin for WordPress is vulnerable to Path Traversal in all versions up to, and including, 1.69 via the 'download_path' configuration parameter. This is due to insufficient validation of the download path setting, which allows directory traversal sequences to bypass the WP_CONTENT_DIR prefix check. This makes it possible for authenticated attackers, with Administrator-level access and above, to configure the plugin to list and access arbitrary files on the server by exploiting the file browser functionality.

Details CVE

Score CVSS v3.12.7

SeveriteLOW

Vecteur CVSSCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Vecteur d'attaqueNETWORK

ComplexiteLOW

Privileges requisHIGH

Interaction utilisateurNONE

Publie2/18/2026

Derniere modification2/18/2026

Sourcenvd

Observations honeypot0

Faiblesses (CWE)

CWE-22

References

https://github.com/lesterchan/wp-downloadmanager/commit/416b9f5459496166c0395f9e055d4c4cf872404a(security@wordfence.com)

https://plugins.trac.wordpress.org/browser/wp-downloadmanager/tags/1.69/download-options.php#L42(security@wordfence.com)

https://plugins.trac.wordpress.org/browser/wp-downloadmanager/trunk/download-options.php#L42(security@wordfence.com)

https://www.wordfence.com/threat-intel/vulnerabilities/id/0bb96da1-9c17-4264-ac29-b5ff8dec745d?source=cve(security@wordfence.com)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.