CVE-2023-1809: 
WordPress vulnerability analysis and mitigation

The Download Manager WordPress plugin before version 6.3.0 contains a sensitive information disclosure vulnerability (CVE-2023-1809) discovered in April 2023. The vulnerability allows attackers to access master key information without authentication, enabling them to download password-protected package files arbitrarily (WPScan, NVD).

The vulnerability exists in the file password validation mechanism. When a POST request is sent to /wp-json/wpdm/validate-filepass, the system leaks the master key information in the response without requiring authentication. This key can then be used along with wpdmdl and ind parameters to construct a download URL that bypasses password protection. The vulnerability has been assigned a CVSS score of 5.3 (medium) and is classified as CWE-200: Information Exposure (WPScan).

The vulnerability allows unauthorized users to download any password-protected package files hosted on affected WordPress installations. This could lead to unauthorized access to sensitive or restricted content that was intended to be protected by password authentication (WPScan).

The vulnerability has been fixed in Download Manager version 6.3.0. Site administrators are strongly advised to update to this version or later to prevent unauthorized access to password-protected files (WPScan).