CVE-2024-32131Sensitive Information Exposure in Download Manager

CWE-200Sensitive Information Exposure3 documents3 sources
Severity
7.5HIGHNVD
CNA5.3
EPSS
0.5%
top 34.71%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
W3eden Download ManagerW3 Eden INC Download Manager
Timeline
PublishedMay 17

Description

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in W3 Eden Inc. Download Manager allows Functionality Bypass.This issue affects Download Manager: from n/a through 3.2.82.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

CVEListV5w3_eden_inc/download_managern/a3.2.82

🔴Vulnerability Details

2
CVEList
WordPress Download Manager plugin <= 3.2.82 - File Password Lock Bypass vulnerability2024-05-17
GHSA
GHSA-6mpf-666c-hqcg: Exposure of Sensitive Information to an Unauthorized Actor vulnerability in W3 Eden Inc2024-05-17
CVE-2024-32131 — Sensitive Information Exposure | cvebase