CVE-2025-15364 | Download Manager Plugin up to 3.3.40 on WordPress updatePassword Remote Code Execution

Inserito da Angelo Barbosa | Gen 5, 2026 | CVE

A vulnerability was found in Download Manager Plugin up to 3.3.40 on WordPress. It has been classified as critical. Affected is the function updatePassword. This manipulation causes Remote Code Execution.

This vulnerability is tracked as CVE-2025-15364. The attack is possible to be carried out remotely. No exploit exists.

CVE-2025-15364 | Download Manager Plugin up to 3.3.40 on WordPress updatePassword Remote Code Execution

Post correlati

CVE-2025-33117 | IBM QRadar SIEM up to 7.5.0 Update Package 12 file inclusion

CVE-2025-11101 | itsourcecode Open Source Job Portal 1.0 index.php?view=edit ID sql injection

CVE-2023-48329 | CodeBard Fast Custom Social Share by Plugin up to 1.1.1 on WordPress cross site scripting

CVE-2025-24883 | go-ethereum up to 1.14.12 uncaught exception (GHSA-q26p-9cq4-7fc2)