CVE-2022-2392

CVE-2022-2392: Lana Downloads Manager < 1.8.0 - Contributor+ Arbitrary File Download

Vendor Unknown
Product Lana Downloads Manager
Weakness CWE-552 · Files accessible externally
Published August 22, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The Lana Downloads Manager WordPress plugin before 1.8.0 is affected by an arbitrary file download vulnerability that can be exploited by users with "Contributor" permissions or higher.

Key dates

02Disclosure timeline

August 22, 2022 CVE published
August 3, 2024 Record updated