CVE-2022-2392

Summary

The Lana Downloads Manager WordPress plugin before 1.8.0 is affected by an arbitrary file download vulnerability that can be exploited by users with "Contributor" permissions or higher.

Affected Software

VendorProductVersion RangeStatus
UnknownLana Downloads Manager1.8.0 < 1.8.0affected

Weaknesses

  • CWE-552: CWE-552 Files or Directories Accessible to External Parties

ADP Enrichment

CVE Program Container

Additional References

References