Lucene search
Andrea BocchettiPACKETSTORM:167573HistoryJun 22, 2022 - 12:00 a.m.
WordPress Download Manager 3.2.43 Cross Site Scripting
2022-06-2200:00:00
Andrea Bocchetti
packetstormsecurity.com
267
wordpress
download manager
cross site scripting
cve-2022-2101
andrea bocchetti
windows
plugin page
xss payload
insert url
js code
EPSS
0.002
Percentile
61.3%
`Exploit Title: Download Manager Cross-Site Scripting
Date: 2022-06-16
Exploit Author : Andrea Bocchetti
Vendor Homepage : https://wordpress.org/plugins/download-manager/
Version : <= 3.2.43
Tested on: windows
CVE : CVE-2022-2101
######## Description ########
# 1-) Login in the plugin page
# 2-) add the xss payload in the field "Insert URL"
# 3-) Click on the link , the JS code will be interpreted.
`
Related
patchstack
patchstack
prion
prion
Cross site scripting
2022-07-18 17:15:00
nvd
nvd
CVE-2022-2101
2022-07-18 17:15:08
cve
cve
CVE-2022-2101
2022-07-18 17:15:08
wpvulndb
wpvulndb
Download Manager < 3.2.48 - Contributor+ Stored Cross-Site Scripting
2022-06-22 00:00:00
openvas
openvas
WordPress Download Manager Plugin <= 3.2.46 XSS Vulnerability
2022-07-19 00:00:00
wpexploit
wpexploit
Download Manager < 3.2.48 - Contributor+ Stored Cross-Site Scripting
2022-06-22 00:00:00
cvelist
cvelist
CVE-2022-2101
2022-07-18 16:13:21