[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$frKlUeFgMo3_b01c0iDnX53P4__B4OCyuVz6vWlKiSRU":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20,"patch_diff_files":21,"patch_trac_url":9,"research_status":9,"research_verified":22,"research_rounds_completed":23,"research_plan":9,"research_summary":9,"research_vulnerable_code":9,"research_fix_diff":9,"research_exploit_outline":9,"research_model_used":9,"research_started_at":9,"research_completed_at":9,"research_error":9,"poc_status":9,"poc_video_id":9,"poc_summary":9,"poc_steps":9,"poc_tested_at":9,"poc_wp_version":9,"poc_php_version":9,"poc_playwright_script":9,"poc_exploit_code":9,"poc_has_trace":22,"poc_model_used":9,"poc_verification_depth":9,"poc_exploit_code_gated":22,"source_links":24},"CVE-2024-13126","download-manager-unauthenticated-information-disclosure-via-unprotected-directory","Download Manager \u003C= 3.3.06 - Unauthenticated Information Disclosure via Unprotected Directory","The Download Manager plugin for WordPress is vulnerable to Information Disclosure in all versions up to, and including, 3.3.06. This is due to plugin not providing any access restrictions to the direct in which download files are uploaded. This makes it possible for unauthenticated attackers to access downloads that should be password protected by downloading them straight from the directory.","download-manager",null,"\u003C=3.3.06","3.3.07","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:L\u002FI:N\u002FA:N","Files or Directories Accessible to External Parties","2025-01-17 00:00:00","2025-03-07 20:21:56",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F8d07b7c1-8180-4b2a-bf35-2c5b3d419152?source=api-prod",50,[],false,0,{"type":25,"vulnerable_version":9,"fixed_version":9,"vulnerable_browse":9,"vulnerable_zip":9,"fixed_browse":9,"fixed_zip":9,"all_tags":26},"plugin","https:\u002F\u002Fplugins.trac.wordpress.org\u002Fbrowser\u002Fdownload-manager\u002Ftags"]