CVE-2024-1962

8.8 HIGH

📋 TL;DR

This CSRF vulnerability in CM Download Manager WordPress plugin allows attackers to trick authenticated administrators into unknowingly modifying downloads. Attackers can craft malicious requests that execute when an admin visits a compromised page. All WordPress sites using vulnerable versions of this plugin are affected.

💻 Affected Systems

Products:
  • CM Download Manager WordPress Plugin
Versions: All versions before 2.9.1
Operating Systems: Any OS running WordPress
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects sites where the plugin is installed and activated. Requires an authenticated admin session to exploit.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could modify or replace legitimate downloads with malware, potentially compromising all users who download files from the site.

🟠 Likely Case

Attackers modify download content to distribute malware or redirect users to malicious sites, damaging site reputation and user trust.

🟢 If Mitigated

With proper CSRF protections, admin actions require valid tokens, preventing unauthorized modifications even if admin visits malicious pages.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

CSRF attacks are well understood and easy to implement. Exploitation requires social engineering to get a logged-in admin to visit the attacker's page.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 2.9.1

Vendor Advisory: https://wordpress.org/plugins/cm-download-manager/#developers

Restart Required: No

Instructions:

1. Log into the WordPress admin panel.
2. Navigate to Plugins → Installed Plugins.
3. Find 'CM Download Manager' and click 'Update Now'.
4. Verify the version shows 2.9.1 or higher.

🔧 Temporary Workarounds

Temporary Plugin Deactivation (platform: all)

Disable the vulnerable plugin until patched:

wp plugin deactivate cm-download-manager

Anti-framing headers via .htaccess (platform: linux, requires mod_headers)

Add headers that stop the admin pages from being framed. Note that these only block framing-based delivery (clickjacking); they do not validate the request itself, so they reduce but do not remove the CSRF risk:

Header set X-Frame-Options "SAMEORIGIN"
Header set Content-Security-Policy "frame-ancestors 'self'"

🧯 If You Can't Patch

  • Implement strict SameSite cookie policies for admin sessions
  • Use browser extensions that block CSRF attempts

🔍 How to Verify

Check if Vulnerable:

Check WordPress admin → Plugins → CM Download Manager → Version. If version is below 2.9.1, you are vulnerable.

Check Version:

wp plugin get cm-download-manager --field=version

Verify Fix Applied:

After updating, verify version shows 2.9.1 or higher in plugin details.

📡 Detection & Monitoring

Log Indicators:

  • Multiple failed download modification attempts from same IP
  • Admin actions without proper referrer headers

Network Indicators:

  • POST requests to download edit endpoints without CSRF tokens
  • Cross-origin requests to admin-ajax.php

SIEM Query:

source="wordpress.log" AND ("cm-download-manager" OR "admin-ajax.php") AND action="edit" AND status=200 AND referrer NOT LIKE "%yourdomain%"
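The network and log indicators above can be checked offline against web-server access logs. The following is an added example (not part of this advisory or the plugin): it parses constructed Apache combined-format lines, keeps only successful POSTs to the admin endpoints named above, and flags those whose Referer is missing or not from the site's own host. The hostname, IPs and the `cmdm` page slug are assumed sample values.

```python
import re
from urllib.parse import urlparse

SITE_HOST = "example.com"  # assumed hostname of the WordPress site

# Constructed sample lines in Apache combined log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.5 - - [10/Mar/2024:12:00:01 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 512 "https://example.com/wp-admin/admin.php?page=cmdm" "Mozilla/5.0"
203.0.113.9 - - [10/Mar/2024:12:00:07 +0000] "POST /wp-admin/admin-ajax.php HTTP/1.1" 200 512 "https://evil.example.net/lure.html" "Mozilla/5.0"
203.0.113.9 - - [10/Mar/2024:12:00:09 +0000] "POST /wp-admin/admin.php?page=cmdm_edit HTTP/1.1" 200 880 "-" "Mozilla/5.0"
198.51.100.2 - - [10/Mar/2024:12:01:00 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat HTTP/1.1" 200 64 "https://evil.example.net/" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Admin endpoints a forged request would have to hit (assumed paths).
WATCHED_PATHS = ("/wp-admin/admin-ajax.php", "/wp-admin/admin.php")

def parse_line(line):
    m = LOG_RE.match(line)
    return m.groupdict() if m else None

def is_suspicious(entry, site_host=SITE_HOST):
    """True for a successful (200) POST to a watched admin path whose Referer
    is absent or from another host. GETs are ignored: cross-origin GETs to
    admin-ajax.php are normal browser noise, and CSRF here needs a state change."""
    if entry["method"] != "POST" or entry["status"] != "200":
        return False
    if not entry["path"].startswith(WATCHED_PATHS):
        return False
    ref = entry["referer"]
    if ref in ("", "-"):
        return True  # Referer can be stripped by policy, so this is a lead, not proof
    return urlparse(ref).hostname != site_host

def find_csrf_candidates(log_text, site_host=SITE_HOST):
    """Return (ip, path, referer) for every line that matches the indicators."""
    hits = []
    for line in log_text.splitlines():
        entry = parse_line(line)
        if entry and is_suspicious(entry, site_host):
            hits.append((entry["ip"], entry["path"], entry["referer"]))
    return hits

if __name__ == "__main__":
    for ip, path, ref in find_csrf_candidates(SAMPLE_LOG):
        print(f"suspect: {ip} POST {path} referer={ref!r}")
```

Treat hits as triage leads: a missing Referer is also produced by legitimate Referrer-Policy settings, so correlate with the admin user and the download records that changed at that time.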
