Vulnerability CVE-2024-1231
Published: 2024-03-25

Description:
The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins unpublish downloads via a CSRF attack

 References:
https://wpscan.com/vulnerability/7d3968d9-61ed-4c00-8764-0360cf03255e/
Copyright 2026, cxsecurity.com

 

Back to Top