Simple Download Monitor

Information

Software Type Plugin
Software Slug simple-download-monitor (view on wordpress.org)
Software Status Active
Software Author mra13
Software Website simple-download-monitor.com
Software Downloads 1,062,605
Software Active Installs 20,000
Software Record Last Updated December 22, 2024

13 Vulnerabilities

4.3
CVE ID Unknown
Oct 5, 2021
Researcher: WPScanTeam
9.9
CVE ID Unknown
Jan 19, 2016
Researcher: James Golovich
Title Status CVE ID CVSS Researchers Date
Simple Download Monitor <= 3.9.8 - Multiple Cross-Site Request Forgery vulnerabilities Patched CVE-2021-24696 8.8 apple502j December 21, 2021
Simple Download Monitor <= 3.9.10 - Contributor+ Stored Cross-Site Scripting via Shortcodes Patched CVE-2021-24694 5.4 apple502j December 21, 2021
Simple Download Monitor <= 3.9.4 - Contributor+ Stored Cross-Site Scripting via File Thumbnail Patched CVE-2021-24693 9.0 apple502j October 5, 2021
Simple Download Monitor <= 3.9.5 - Contributor+ Arbitrary Thumbnail Removal Patched CVE-2021-24698 4.3 apple502j October 5, 2021
Simple Download Monitor <= 3.9.5 - Sensitive Data Exposure Patched CVE-2021-24695 5.3 apple502j October 5, 2021
Simple Download Monitor <= 3.9.5 - Log Reset Patched 4.3 WPScanTeam October 5, 2021
Simple Download Monitor <= 3.9.4 - Reflected Cross-Site Scripting Patched CVE-2021-24697 6.1 apple502j October 5, 2021
Simple Download Monitor <= 3.9.4 - Contributor+ Arbitrary File Download Patched CVE-2021-24692 6.5 apple502j September 2, 2021
Simple Download Monitor <= 3.8.8 - Unauthenticated Stored Cross-Site Scripting Patched CVE-2020-5650 6.1 Gen Sato October 21, 2020
Simple Download Monitor <= 3.8.8 - SQL Injection Patched CVE-2020-5651 8.8 Gen Sato October 21, 2020
Simple Download Monitor < 3.5.4 - Authenticated Stored Cross-Site Scripting Patched CVE-2018-5212 6.4 d4wner January 2, 2018
Simple Download Monitor < 3.5.4 - Authenticated Stored Cross-Site Scripting Patched CVE-2018-5213 5.4 d4wner January 2, 2018
Simple Download Monitor <= 3.2.8 - Missing Authorization Patched 9.9 James Golovich January 19, 2016

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation