Plugin inspection:

WP-DownloadManager

Use with caution

Last revised:

Confidence: Medium
This plugin has been given a short, targeted code review.

Before using this plugin, you should carefully consider these findings. Read more about this recommendation.

Warnings

This recommendation applies to version 1.68.8 of this plugin, but the most recent version is 1.68.9. These findings may no longer be correct.

Findings

The plugin security would be improved by using SQL prepared statements, for example in file downloading requests, in addition to the basic sanitising of the request data.

Note that the plugin’s Download Options will be need to set with locations for files suitable to the infrastructure where it is being implemented.

Reason for the 'Use with caution' result

The plugin has been given this recommendation at the tester's discretion:

The plugin development may be discontinued (at date of this inspection, it is last updated 1 year ago and hasn’t been tested with the latest 3 major releases of WordPress.

Failure criteria

  • Execution of unprepared SQL statements

Read more about our failure criteria.