Wordfence has discovered two vulnerabilities in the WordPress Download Manager plugin which have now been patched.
The Wordfence Threat Intelligence team has discovered two separate vulnerabilities in a popular WordPress plugin used to change how download pages are displayed. The plugin in question is called WordPress Download Manager and it has been installed on over 100,000 sites according to WordPress.org. The first vulnerability can be exploited to achieve authenticated directory traversal according to Wordfence. While WordPress Download Manager had some protections in place to protect against directory traversal, they were far from sufficient. As a result, it was possible for a user such as a contributor with lower privileges to retrieve the contents of a site’s wp-config.
