CVE-2025-10146 | codename065 Download Manager Plugin up to 3.3.23 on WordPress user_ids cross site scripting

A vulnerability, which was classified as problematic, was found in codename065 Download Manager Plugin up to 3.3.23 on WordPress. This affects an unknown function. Executing manipulation of the argument user_ids can lead to cross site scripting.

This vulnerability is registered as CVE-2025-10146. It is possible to launch the attack remotely. No exploit is available.

You should upgrade the affected component.VulDB Recent EntriesRead More