CVE-2025-4799

The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on the directory a file can be deleted from in all versions up to, and including, 1.68.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This vulnerability can be paired with CVE-2025-4798 to delete any file within the WordPress root directory.

The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack of restriction on the directory a file can be deleted from in all versions up to, and including, 1.68.10. This makes it possible for authenticated attackers, with Administrator-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is deleted (such as wp-config.php). This vulnerability can be paired with CVE-2025-4798 to delete any file within the WordPress root directory.

El complemento WP-DownloadManager para WordPress es vulnerable a la eliminación arbitraria de archivos debido a la falta de restricciones en el directorio desde el que se puede eliminar un archivo en todas las versiones hasta la 1.68.10 incluida. Esto permite a atacantes autenticados, con acceso de administrador o superior, eliminar archivos arbitrarios en el servidor, lo que puede provocar fácilmente la ejecución remota de código al eliminar el archivo correcto (como wp-config.php). Esta vulnerabilidad se puede combinar con CVE-2025-4798 para eliminar cualquier archivo dentro del directorio root de WordPress.