2019-08-27 12:21:56
mitre
PUBLISHED
The sell-downloads plugin before 1.0.8 for WordPress has insufficient restrictions on brute-force guessing of purchase IDs.