Apk Downloader
by WordPress
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-2367 | Hig | 0.49 | 7.5 | 0.01 | Aug 8, 2022 | The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation | ||
| CVE-2022-2357 | Hig | 0.49 | 7.5 | 0.01 | Aug 8, 2022 | The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php. | ||
| CVE-2024-51654 | Hig | 0.46 | 7.1 | 0.00 | Nov 19, 2024 | Cross-Site Request Forgery (CSRF) vulnerability in Eric Allen APK Downloader apk-downloader allows Stored XSS.This issue affects APK Downloader: from n/a through <= 1.0.0. |
- risk 0.49cvss 7.5epss 0.01
The WSM Downloader WordPress plugin through 1.4.0 allows only specific popular websites to download images/files from, this can be bypassed due to the lack of good "link" parameter validation
- risk 0.49cvss 7.5epss 0.01
The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php.
- risk 0.46cvss 7.1epss 0.00
Cross-Site Request Forgery (CSRF) vulnerability in Eric Allen APK Downloader apk-downloader allows Stored XSS.This issue affects APK Downloader: from n/a through <= 1.0.0.