Description
WordPress Plugin WordPress Download Manager is prone to multiple security bypass vulnerabilities. Attackers can exploit these vulnerabilities to perform otherwise restricted actions and subsequently delete or update otherwise restricted files. WordPress Plugin WordPress Download Manager version 2.6.92 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.6.93 or latest
References
Related Vulnerabilities
WordPress Plugin WP Security Safe Cross-Site Request Forgery (2.2.2)
Django Insufficiently Protected Credentials Vulnerability (CVE-2018-16984)
ownCloud Improper Authentication Vulnerability (CVE-2016-9463)
WordPress 5.6.x Prototype Pollution (5.6 - 5.6.7)
Django Resource Management Errors Vulnerability (CVE-2015-5145)