W3eden Security Vulnerabilities (CVEs)
Track 14 security vulnerabilities affecting W3eden products and software. Get instant email alerts when new CVEs are discovered, automated security monitoring, and patch guidance.
The Download Manager WordPress plugin has a stored XSS vulnerability in all versions up to 3.3.18. Authenticated attackers with author-level access or...
Jun 19, 2025The Download Manager plugin for WordPress has a directory traversal vulnerability that allows authenticated attackers with Author-level permissions or...
Mar 13, 2025This vulnerability allows high-privilege WordPress users (like administrators) to inject malicious scripts into plugin settings, which then execute wh...
Dec 20, 2024The Download Manager WordPress plugin has an authentication bypass vulnerability that allows unauthenticated attackers to download password-protected ...
Dec 19, 2024This vulnerability in the Download Manager WordPress plugin allows attackers to inject malicious scripts via unsanitized shortcode parameters. When ex...
Oct 30, 2024This vulnerability allows authenticated WordPress users with contributor-level access or higher to inject malicious scripts into pages using the Downl...
Jul 31, 2024The Download Manager Pro WordPress plugin has a stored XSS vulnerability in multiple shortcodes that allows authenticated attackers with contributor a...
Jun 12, 2024This stored XSS vulnerability in WordPress Download Manager plugin allows authenticated attackers with contributor-level access or higher to inject ma...
May 31, 2024This vulnerability in the WordPress Download Manager plugin allows attackers to bypass password protection on files, exposing sensitive information to...
May 17, 2024The Download Manager WordPress plugin before version 6.3.0 exposes master key information without authentication, allowing attackers to bypass passwor...
May 2, 2023This vulnerability allows unauthenticated attackers to inject malicious scripts into WordPress sites using the Download Manager plugin. When users cli...
Apr 18, 2023This vulnerability in the Download Manager WordPress plugin allows attackers to brute-force download access keys, bypassing role-based restrictions an...
Apr 11, 2022The Download Manager WordPress plugin before version 3.2.35 has REST API endpoints without proper authorization checks, allowing unauthenticated attac...
Mar 7, 2022This vulnerability allows authenticated WordPress users with Author+ permissions to upload files with double extensions (like 'payload.php.png') that ...
Aug 5, 2021Why Monitor W3eden Security Vulnerabilities?
Real-time CVE tracking: Our automated system monitors 14+ known vulnerabilities affecting W3eden products and software packages. Stay ahead of emerging threats with instant email notifications when new security issues are discovered.
Automated security monitoring: Unlike manual CVE checking, FixTheCVE automatically scans your servers and detects vulnerable W3eden packages in under 60 seconds. No agents required - completely agentless scanning that works across W3eden deployments.
Free vulnerability database: Access detailed information about every W3eden CVE including CVSS scores, severity ratings, affected versions, and actionable patch guidance. Filter by critical, high, medium, or low severity to prioritize your security remediation efforts.
🚀 Get Started in 60 Seconds
- Register free account & add your servers
- Run one-time scan or schedule automatic monitoring (every 1-24 hours)
- Receive instant alerts when new W3eden CVEs affect your systems
- Access dashboard with severity breakdown & fix instructions
