Arbitrary File Download Vulnerability in Lana Downloads Manager WordPress Plugin

Arbitrary File Download Vulnerability in Lana Downloads Manager WordPress Plugin

CVE-2022-2392 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

The Lana Downloads Manager WordPress plugin before 1.8.0 is affected by an arbitrary file download vulnerability that can be exploited by users with "Contributor" permissions or higher.

Learn more about our Wordpress Pen Testing.