{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-32536", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "state": "PUBLISHED", "assignerShortName": "Patchstack", "dateReserved": "2026-03-12T11:12:24.777Z", "datePublished": "2026-03-25T16:15:10.543Z", "dateUpdated": "2026-03-25T20:20:42.466Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://codecanyon.net", "defaultStatus": "unaffected", "packageName": "halfdata-paypal-green-downloads", "product": "Green Downloads", "vendor": "halfdata", "versions": [{"changes": [{"at": "2.09", "status": "unaffected"}], "lessThanOrEqual": "<= 2.08", "status": "affected", "version": "n/a", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Phat RiO | Patchstack Bug Bounty Program"}], "datePublic": "2026-03-25T17:12:43.146Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in halfdata Green Downloads halfdata-paypal-green-downloads allows Using Malicious Files.<p>This issue affects Green Downloads: from n/a through <= 2.08.</p>"}], "value": "Unrestricted Upload of File with Dangerous Type vulnerability in halfdata Green Downloads halfdata-paypal-green-downloads allows Using Malicious Files.This issue affects Green Downloads: from n/a through <= 2.08."}], "impacts": [{"capecId": "CAPEC-17", "descriptions": [{"lang": "en", "value": "Using Malicious Files"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-434", "description": "Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:15:10.543Z"}, "references": [{"tags": ["vdb-entry"], "url": "https://patchstack.com/database/Wordpress/Plugin/halfdata-paypal-green-downloads/vulnerability/wordpress-green-downloads-plugin-2-08-arbitrary-file-upload-vulnerability?_s_id=cve"}], "title": "WordPress Green Downloads plugin <= 2.08 - Arbitrary File Upload vulnerability"}, "adp": [{"metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-25T20:20:17.155802Z", "id": "CVE-2026-32536", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T20:20:42.466Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "CHANGED", "version": "3.1", "baseScore": 9.9, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-32536", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-25T20:20:17.155802Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-25T20:19:18.283Z"}}], "cna": {"title": "WordPress Green Downloads plugin <= 2.08 - Arbitrary File Upload vulnerability", "credits": [{"lang": "en", "type": "finder", "value": "Phat RiO | Patchstack Bug Bounty Program"}], "impacts": [{"capecId": "CAPEC-17", "descriptions": [{"lang": "en", "value": "Using Malicious Files"}]}], "affected": [{"vendor": "halfdata", "product": "Green Downloads", "versions": [{"status": "affected", "changes": [{"at": "2.09", "status": "unaffected"}], "version": "n/a", "versionType": "custom", "lessThanOrEqual": "<= 2.08"}], "packageName": "halfdata-paypal-green-downloads", "collectionURL": "https://codecanyon.net", "defaultStatus": "unaffected"}], "datePublic": "2026-03-25T17:12:43.146Z", "references": [{"url": "https://patchstack.com/database/Wordpress/Plugin/halfdata-paypal-green-downloads/vulnerability/wordpress-green-downloads-plugin-2-08-arbitrary-file-upload-vulnerability?_s_id=cve", "tags": ["vdb-entry"]}], "descriptions": [{"lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in halfdata Green Downloads halfdata-paypal-green-downloads allows Using Malicious Files.This issue affects Green Downloads: from n/a through <= 2.08.", "supportingMedia": [{"type": "text/html", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in halfdata Green Downloads halfdata-paypal-green-downloads allows Using Malicious Files.<p>This issue affects Green Downloads: from n/a through <= 2.08.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-434", "description": "Unrestricted Upload of File with Dangerous Type"}]}], "providerMetadata": {"orgId": "21595511-bba5-4825-b968-b78d1f9984a3", "shortName": "Patchstack", "dateUpdated": "2026-03-25T16:15:10.543Z"}}}, "cveMetadata": {"cveId": "CVE-2026-32536", "state": "PUBLISHED", "dateUpdated": "2026-03-25T20:20:42.466Z", "dateReserved": "2026-03-12T11:12:24.777Z", "assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3", "datePublished": "2026-03-25T16:15:10.543Z", "assignerShortName": "Patchstack"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Unrestricted Upload of File with Dangerous Type vulnerability in halfdata Green Downloads halfdata-paypal-green-downloads allows Using Malicious Files.This issue affects Green Downloads: from n/a through <= 2.08."}], "id": "CVE-2026-32536", "lastModified": "2026-03-25T21:16:45.867", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.9, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.1, "impactScore": 6.0, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-25T17:17:07.293", "references": [{"source": "audit@patchstack.com", "url": "https://patchstack.com/database/Wordpress/Plugin/halfdata-paypal-green-downloads/vulnerability/wordpress-green-downloads-plugin-2-08-arbitrary-file-upload-vulnerability?_s_id=cve"}], "sourceIdentifier": "audit@patchstack.com", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-434"}], "source": "audit@patchstack.com", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,2.08]"}}, {"platform": null, "status": "unaffected", "versions": {"scheme": "generic", "value": "2.09"}}], "enrichment": {"confidence": 87.0, "confidence_source": "matching", "scores": [{"score": 87.0, "source": "matching"}]}, "original": {"product": "Green Downloads", "source": "cna", "vendor": "halfdata"}, "product": "stripe_green_downloads", "vendor": "halfdata"}, {"configurations": [{"platform": null, "status": "unaffected", "versions": null}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "product": "wordpress", "vendor": "wordpress"}], "analysis": {"en": {"generated_at": "2026-03-26T01:58:39.317827+00:00", "value": {"mitigation_remediation": ["Apply the latest release of the Green Downloads plugin (any version newer than 2.08) to eliminate the arbitrary file upload flaw.", "If an update cannot be applied immediately, disable or remove the upload capability from the plugin or uninstall the plugin entirely to eliminate the attack vector.", "Configure the server or the plugin to limit accepted file extensions to safe types such as jpg or png and reject executable files.", "Implement a web application firewall rule or adjust server configuration to block uploads of disallowed extensions.", "Monitor upload logs for suspicious activity and maintain alerts for unauthorized file additions."], "summary": {"action": "Immediate Patch", "impact": "Arbitrary File Upload with potential code execution"}, "threat_synthesis": {"affected_systems": "WordPress installations that have the halfdata Green Downloads plugin version 2.08 or earlier are affected. The upload functionality of the plugin can be reached by users who have the necessary privileges in the WordPress administration interface, providing a path for an attacker to place files on the server.", "description_and_impact": "This vulnerability allows an attacker to upload any type of file through the Green Downloads plugin on WordPress sites without validating MIME type or file extension. Because the plugin stores the uploaded files on the server, a malicious actor could place executable code or otherwise dangerous content that, once accessed, could compromise the site. The weakness is identified as CWE\u2011434, which represents an Input Validation vulnerability that permits the upload of dangerous files.", "risk_and_exploitability": "The CVSS base score of 9.9 categorizes this flaw as critical. Although no EPSS value is available, the high severity score and the fact that the vulnerability exists in a widely used WordPress plugin suggest that exploitation is likely. The vulnerability is not listed in the CISA KEV catalog, but this does not reduce the inherent risk. Based on the description, it is inferred that the attack vector is remote exploitation through the plugin's file upload interface, which can be accessed by authenticated users with sufficient privileges."}}}}, "created": "2026-03-25T21:47:04.398966+00:00", "updated": "2026-03-26T12:12:17.259688+00:00", "vendors": ["halfdata", "halfdata$PRODUCT$stripe_green_downloads", "wordpress", "wordpress$PRODUCT$wordpress"]}