CVE-2026-32536
Unrestricted File Upload Vulnerability in Green Downloads
Publication date: 2026-03-25
Last updated on: 2026-03-25
Assigner: Patchstack
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| halfdata | green_downloads | up to and including 2.08 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-434 | The product allows the upload or transfer of dangerous file types that are automatically processed within its environment. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-32536 is an Arbitrary File Upload vulnerability in the WordPress Green Downloads Plugin versions up to and including 2.08. It allows attackers to upload any type of file, including malicious backdoors, to a website. These uploaded files can then be executed to gain unauthorized access or control over the affected website.
The vulnerability is classified as critical with a CVSS score of 9.9 and falls under the OWASP Top 10 category A3: Injection. It requires only subscriber-level privileges to exploit, making it highly dangerous and easy to abuse.
How can this vulnerability impact me?
This vulnerability can have severe impacts including unauthorized access to your website through malicious files uploaded by attackers. These files can act as backdoors, allowing attackers to execute arbitrary code, compromise website data, deface the site, or use the site as a platform for further attacks.
Because the exploit requires only subscriber-level privileges, it increases the risk of exploitation even by less privileged users, potentially leading to widespread compromise.
The vulnerability is considered highly dangerous and likely to be exploited in mass campaigns targeting many websites, regardless of their traffic or popularity.
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to update the Green Downloads Plugin to version 2.09 or later, which contains the patch that resolves the issue.
For users unable to update immediately, applying a mitigation rule that blocks exploitation attempts is recommended until the patch can be applied.
Using automatic updates and continuous protection through security platforms like Patchstack can also help prevent exploitation.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows attackers to upload and execute malicious files, potentially leading to unauthorized access and data breaches.
Such unauthorized access and potential data compromise can negatively impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and prevention of unauthorized access.
Immediate mitigation is recommended to prevent exploitation that could result in violations of these regulations.