CVE-2022-2392

The Lana Downloads Manager WordPress plugin before 1.8.0 is affected by an arbitrary file download vulnerability that can be exploited by users with "Contributor" permissions or higher. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt