CVE-2022-2357

Summary

The WSM Downloader WordPress plugin through 1.4.0 allows any visitor to use its remote file download feature to download any local files, including sensitive ones like wp-config.php.

Affected Software

VendorProductVersion RangeStatus
UnknownWSM Downloader1.4.0 <= 1.4.0affected

Weaknesses

  • CWE-552: CWE-552 Files or Directories Accessible to External Parties

ADP Enrichment

CVE Program Container

Additional References

References