Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
SQL Injection in Download Manager Addons for Elementor
CVE-2026-24956
Summary
A security flaw in Download Manager Addons for Elementor allows hackers to access sensitive data. This affects the plugin if you're using version 1.3.0 or earlier. Update to the latest version to protect your site.
Original title
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjada Download Manager Addons for Elementor wpdm-elementor allows Blind SQL Injection.This i...
Original description
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjada Download Manager Addons for Elementor wpdm-elementor allows Blind SQL Injection.This issue affects Download Manager Addons for Elementor: from n/a through <= 1.3.0.
nvd CVSS3.1
9.3
Vulnerability type
CWE-89
SQL Injection
Published: 20 Feb 2026 · Updated: 12 Mar 2026 · First seen: 6 Mar 2026