← Back to CVE List
CVE-2024-13617
The aoa-downloadable WordPress plugin through 0.1.0 doesn't validate a parameter in its download function, allowing unauthenticated attackers to download arbitrary files from the server
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt