VYPR
High severity7.2NVD Advisory· Published Mar 25, 2025· Updated Jun 17, 2026

CVE-2024-13618

CVE-2024-13618

Description

The aoa-downloadable WordPress plugin through 0.1.0 lacks authorization and authentication for requests to its download.php endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.