Impact
This vulnerability allows an attacker to download any file stored on the server via the WordPress Download Monitor plugin, enabling unauthorized retrieval of arbitrary files. It is a CWE-22 Path Traversal weakness that permits reading of system files. Although it does not provide code execution, the ability to read arbitrary files can lead to information disclosure and further compromise.
Affected Systems
Affects WordPress installations that include the Download Monitor plugin up to and including version 5.1.9, bundled by WP Chill. No higher versions are currently affected. All servers running any of those plugin versions are potentially susceptible.
Risk and Exploitability
The CVSS score is 4.4, indicating moderate severity. The EPSS score is below 1%, suggesting a low probability of exploitation at present. This vulnerability is not listed in the CISA KEV catalog. The exploitation path most likely involves a remote attacker sending a specially crafted request to the plugin’s download endpoint; authentication may or may not be required depending on how the plugin is configured.
OpenCVE Enrichment