CVE-2025-12177 | Download Manager Plugin up to 3.3.30 on WordPress Cron Trigger deleteExpired Remote Code Execution

Inserito da Angelo Barbosa | Nov 7, 2025 | CVE

A vulnerability identified as critical has been detected in Download Manager Plugin up to 3.3.30 on WordPress. This vulnerability affects the function deleteExpired of the component Cron Trigger Handler. This manipulation causes Remote Code Execution.

This vulnerability appears as CVE-2025-12177. The attack may be initiated remotely. There is no available exploit.

CVE-2025-12177 | Download Manager Plugin up to 3.3.30 on WordPress Cron Trigger deleteExpired Remote Code Execution

Post correlati

CVE-2022-49292 | Linux Kernel up to 5.17.0 vmalloc allocation of resources

CVE-2024-31486 | Siemens OPUPI0 AMQP MQTT up to 5.29 cleartext storage (ssa-871704)

CVE-2025-50467 | OpenMetadata up to 1.4.4 TestDefinitionDAO Interface listCount supportedDataTypeParam sql injection

CVE-2024-30505 | Andy Moyle Church Admin Plugin up to 4.1.18 on WordPress Authorization authorization