Filtered by vendor Osteopathic
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-13618 | 1 Osteopathic | 1 Downloadable By American Osteopathic Association | 2025-06-20 | N/A | 7.2 HIGH |
| The aoa-downloadable WordPress plugin through 0.1.0 lacks authorization and authentication for requests to its download.php endpoint, allowing unauthenticated visitors to make requests to arbitrary URLs. | |||||
| CVE-2024-13617 | 1 Osteopathic | 1 Downloadable By American Osteopathic Association | 2025-06-20 | N/A | 8.6 HIGH |
| The aoa-downloadable WordPress plugin through 0.1.0 doesn't validate a parameter in its download function, allowing unauthenticated attackers to download arbitrary files from the server | |||||