Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-2048 | 1 Lana | 1 Lana Downloads Manager | 2025-06-12 | N/A | 4.1 MEDIUM |
| The Lana Downloads Manager WordPress plugin before 1.10.0 does not validate user input used in a path, which could allow users with an admin role to perform path traversal attacks and download arbitrary files on the server | |||||
| CVE-2022-2392 | 1 Lana | 1 Lana Downloads Manager | 2024-11-21 | N/A | 6.5 MEDIUM |
| The Lana Downloads Manager WordPress plugin before 1.8.0 is affected by an arbitrary file download vulnerability that can be exploited by users with "Contributor" permissions or higher. | |||||