VYPR

Apk Downloader

by WordPress

Source repositories

CVEs (3)

  • CVE-2022-2367HigAug 8, 2022
    risk 0.49cvss 7.5epss 0.01

    The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation

  • CVE-2022-2357HigAug 8, 2022
    risk 0.49cvss 7.5epss 0.01

    The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php.

  • CVE-2024-51654HigNov 19, 2024
    risk 0.46cvss 7.1epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Eric Allen APK Downloader apk-downloader allows Stored XSS.This issue affects APK Downloader: from n/a through <= 1.0.0.