Description
WordPress Plugin SS Downloads is prone to cross-site request forgery and information disclosure vulnerabilities. An attacker can exploit these issues to perform certain administrative actions and gain unauthorized access to the affected application, or to obtain sensitive information that may help in launching further attacks. WordPress Plugin SS Downloads version 1.4.3 is vulnerable; prior versions may also be affected.
Remediation
Update to the latest version
References
Related Vulnerabilities
PHP Out-of-bounds Read Vulnerability (CVE-2020-7061)
WordPress Plugin XO Security Cross-Site Scripting (1.5.2)
WordPress Plugin Backup & Restore Dropbox Multiple Vulnerabilities (1.4.7.5)
WordPress Plugin Bad Behavior Multiple Vulnerabilities (2.2.18)
WordPress Plugin cloudsafe365_for_WP 'file' Parameter Remote File Disclosure (1.46)