Auth. (admin+) Reflected Cross-Site Scripting (XSS) vulnerability discovered in WP-DownloadManager plugin <= 1.68.6 versions.
References
Configurations
Configuration 1 (hide)
|
History
12 Oct 2023, 12:15
Type | Values Removed | Values Added |
---|---|---|
Summary | Auth. (admin+) Reflected Cross-Site Scripting (XSS) vulnerability discovered in WP-DownloadManager plugin <= 1.68.6 versions. | |
References |
|
|
29 Mar 2022, 16:08
Type | Values Removed | Values Added |
---|---|---|
References | (CONFIRM) https://patchstack.com/database/vulnerability/wp-downloadmanager/wordpress-wp-downloadmanager-plugin-1-68-6-authenticated-reflected-cross-site-scripting-xss-vulnerability - Third Party Advisory | |
References | (CONFIRM) https://wordpress.org/plugins/wp-downloadmanager/#developers - Release Notes, Third Party Advisory | |
CWE | CWE-79 | |
CVSS |
v2 : v3 : |
v2 : 3.5
v3 : 5.4 |
CPE | cpe:2.3:a:wp-downloadmanager_project:wp-downloadmanager:*:*:*:*:*:wordpress:*:* | |
First Time |
Wp-downloadmanager Project
Wp-downloadmanager Project wp-downloadmanager |
18 Mar 2022, 19:12
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-03-18 18:15
Updated : 2023-12-10 14:22
NVD link : CVE-2021-44760
Mitre link : CVE-2021-44760
CVE.ORG link : CVE-2021-44760
JSON object : View
Products Affected
wp-downloadmanager_project
- wp-downloadmanager
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')