Unrated severityNVD Advisory· Published Sep 26, 2022· Updated May 22, 2025
CM Download Manager < 2.8.6 - Admin+ Arbitrary File Upload
CVE-2022-3076
Description
The CM Download Manager WordPress plugin before 2.8.6 allows high privilege users such as admin to upload arbitrary files by setting the any extension via the plugin's setting, which could be used by admins of multisite blog to upload PHP files for example.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: <2.8.6
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/d18e695b-4d6e-4ff6-a060-312594a0d2bdmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.