Lucene search
Prajal KulkarniPATCHSTACK:2D21B3777FB70FD40234D041D61C6C20HistoryJun 23, 2014 - 12:00 a.m.
WordPress SS Downloads Plugin <= 1.4 - XSS
2014-06-2300:00:00
Prajal Kulkarni
patchstack.com
7
0.002 Low
EPSS
Percentile
57.1%
Because of this vulnerability in templates/download.php, attackers can inject arbitrary web script or HTML via the “title” parameter.
Solution
Update the plugin.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ss downloads | le | 1.4 |
Related
cve
cve
CVE-2014-4554
2014-07-02 20:55:06
wpvulndb
wpvulndb
SS Downloads 1.4.4.1 - services/getfile.php file Parameter XSS
2014-08-01 00:00:00
cvelist
cvelist
CVE-2014-4554
2014-07-02 20:00:00
prion
prion
Cross site scripting
2014-07-02 20:55:00
nvd
nvd
CVE-2014-4554
2014-07-02 20:55:06