Cross site scripting

2014-02-0616:10:00

PRIOn knowledge base

www.prio-n.com

6.2 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.5%

JSON

Cross-site scripting (XSS) vulnerability in the Download Manager plugin before 2.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the title field.

CPENameOperatorVersion
wordpress_download_managereq2.5.0
wordpress_download_managereq2.5.1
wordpress_download_managereq2.5.2
wordpress_download_managereq2.5.3
wordpress_download_managereq2.5.4
wordpress_download_managereq2.5.5
wordpress_download_managereq2.5.6
wordpress_download_managereq2.5.7
wordpress_download_managerle2.5.8

Name	Operator	Version
wordpress_download_manager	eq	2.5.0
wordpress_download_manager	eq	2.5.1
wordpress_download_manager	eq	2.5.2
wordpress_download_manager	eq	2.5.3
wordpress_download_manager	eq	2.5.4
wordpress_download_manager	eq	2.5.5
wordpress_download_manager	eq	2.5.6
wordpress_download_manager	eq	2.5.7
wordpress_download_manager	le	2.5.8