CVE-2022-2392
Lana Downloads Manager < 1.8.0 - Contributor+ Arbitrary File Download
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.9%KEV nãoPoC —Patch —
Lifecycle
22 Aug 2022Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The Lana Downloads Manager WordPress plugin before 1.8.0 is affected by an arbitrary file download vulnerability that can be exploited by users with "Contributor" permissions or higher.
Affected products
Unknown · Lana Downloads ManagerWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →