2024-03-25 05:00:01
WPScan
PUBLISHED
The CM Download Manager WordPress plugin before 2.9.0 does not have CSRF checks in some places, which could allow attackers to make logged in admins delete downloads via a CSRF attack