Lucene search

CVE-2014-125090

🗓️ 04 Mar 2023 20:09:15Reported by VulDBType

A vulnerability in Media Downloader Plugin 0.1.992 on WordPress allows remote attackers to initiate cross site scripting via manipulation of the file argument in getfile.php. Upgrading to version 0.1.993 is recommended

Reporter	Title	Published	Views	Family All 3
Prion	Cross site scripting	4 Mar 202320:15	–	prion
Cvelist	CVE-2014-125090 Media Downloader Plugin getfile.php dl_file_resumable cross site scripting	4 Mar 202319:31	–	cvelist
NVD	CVE-2014-125090	4 Mar 202320:15	–	nvd

Nvd

Vulners

Node

media_downloader_project media_downloaderMatch0.1.992wordpress

[
  {
    "vendor": "n/a",
    "product": "Media Downloader Plugin",
    "versions": [
      {
        "version": "0.1.992",
        "status": "affected"
      }
    ]
  }
]

Source	Link
vuldb	www.vuldb.com/
github	www.github.com/wp-plugins/media-downloader/commit/77beb720c682b9300035ab5f96eee225181d8a92
vuldb	www.vuldb.com/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

04 Mar 2023 20:15Current

4.8Medium risk

Vulners AI Score4.8

CVSS24

CVSS33.5 - 6.1

EPSS0.00185

CWE-79