{"uuid": "a98843dc-7c83-45d1-b80e-4eac4f0b4d56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4798", "type": "seen", "source": "https://t.me/brutsecurity/2000", "content": "CVE-2025-4798, -4799: Absolute Path Traversal in DownloadManager WordPress Plugin, 4.9 - 7.2 rating\u2757\ufe0f\n\nVulnerabilities shared with us by the pen tester who found them. Allow attackers to manipulate files on the server, which can lead to RCE.\n\nSearch at Netlas.io:\n\ud83d\udc49 Link: https://nt.ls/DH8EA\n\ud83d\udc49 Dork: http.body:\"plugins/wp-downloadmanager\"\n\nMore information here: https://youtu.be/QTe3rf0-e7U?si=THZKoKeI1vN-arR7", "creation_timestamp": "2026-07-10T00:00:31.480250Z"}