Lucene search

Wordpress Download Manager Security Vulnerabilities

cve

CVE-2019-15889

The download-manager plugin before 2.9.94 for WordPress has XSS via the category shortcode feature, as demonstrated by the orderby or search[publish_date]...

6.1CVSS

5.9AI Score

0.033EPSS

2019-09-03 06:15 PM

135

cve

CVE-2017-18032

The download-manager plugin before 2.9.52 for WordPress has XSS via the id parameter in a wpdm_generate_password action to...

6.1CVSS

5.9AI Score

0.001EPSS

2018-01-16 09:29 AM

cve

CVE-2014-8585

Directory traversal vulnerability in the WordPress Download Manager plugin for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the fname parameter to (1) views/file_download.php or (2)...

7AI Score

0.005EPSS

2014-11-04 03:55 PM

cve

CVE-2013-7319

Cross-site scripting (XSS) vulnerability in the Download Manager plugin before 2.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the title...

5.9AI Score

0.01EPSS

2014-02-06 04:10 PM