EUVD-2024-26153

Malicious code in bioql PyPI...

PT-2024-22735 · Unknown · Download Manager

Name of the Vulnerable Software and Affected Versions: Download Manager versions 3.2.84 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Stored XSS attacks. Recommendations: For versio...

WordPress Download Manager Plugin <= 3.2.84 is vulnerable to Cross Site Scripting (XSS)

Software Download Manager Type Plugin Vulnerable versions = 3.2.84 Fixed in 3.2.85 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29114 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID ae823e29c6b0 Credits LVT-tholv2k Required privilege...

CVE-2023-6785

The Download Manager plugin for WordPress is vulnerable to unauthorized file download of files added via the plugin in all versions up to, and including, 3.2.84. This makes it possible for unauthenticated attackers to download files added with the plugin even when privately published...

WordPress Plugin Download Manager Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2024-15083 · WordPress · Download Manager

Name of the Vulnerable Software and Affected Versions: Download Manager plugin for WordPress versions up to, and including, 3.2.84 Description: The issue allows unauthorized file download of files added via the plugin, making it possible for unauthenticated attackers to download files, even those...