Lucene search

K
patchstackKrzysztof ZającPATCHSTACK:8131E82962711259F86E23983D24D431
HistoryJan 12, 2022 - 12:00 a.m.

WordPress Download Manager plugin <= 3.2.33 - Authenticated SQL injection (SQLi) vulnerability to Reflected XSS vulnerability

2022-01-1200:00:00
Krzysztof Zając
patchstack.com
10
wordpress
download manager
authenticated sql injection
reflected xss
krzysztof zając

EPSS

0.001

Percentile

36.7%

Authenticated SQL injection (SQLi) vulnerability to Reflected XSS vulnerability discovered by Krzysztof Zając in WordPress Download Manager plugin (versions <= 3.2.33).

Solution

           Update the WordPress Download Manager plugin to the latest available version (at least 3.2.34).

Affected configurations

Vulners
Node
-download_managerRange3.2.33
VendorProductVersionCPE
-download_manager*cpe:2.3:a:-:download_manager:*:*:*:*:*:*:*:*

EPSS

0.001

Percentile

36.7%

Related for PATCHSTACK:8131E82962711259F86E23983D24D431