Source: National Vulnerability Database

The Download Plugin WordPress plugin before 2.0.0 does not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site (such as subscriber) to download a full copy of

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-25059

178 hits since 2022-11-28

PHP Vulns Source Ratio: 15% (9080 total, 674 propagated, 4540 filtered)