Path traversal vulnerability exists in Download Plugins and Themes from Dashboard versions prior to 1.8.6. If this vulnerability is exploited, a remote authenticated attacker with "switch_themes" privilege may obtain arbitrary files on the server.Referenceshttps://wordpress.org/plugins/download-plugins-dashboard/https://jvn.jp/en/jp/JVN85380030/
