The Sucuri research team we cooperate with has found and disclosed a medium severity vulnerability in the WordPress Download Manager plugin. The vulnerability has been patched and if you are using the plugin, we encourage you to update at your earliest convenience.
The security issue was patched in version 2.7.5, now available in the WordPress repository.
You can learn more about today’s Download Manager disclosure here.
Also, you can find more information about Sucuri services we offer at this page.