The popular WP Download Manager plugin, with the record of over 850,000 downloads, helps users better manage, track, and control file downloads from your WordPress website. The plugin has been recently reported with a vulnerability issue found in earlier version of this plugin.
The WordPress site running this plugin is susceptible to code execution. With this vulnerability, the attacker may inject a backdoor and change the important credentials, including admin accounts. For full details, please visit this article published by Sucrui.
For those WP Download Manager plugin users, please update the plugin to version 2.7.5 ASAP. Don’t forget to perform a full site backup before updating the plugin.