3 matches found
CVE-2022-25605
creationtimestamp| type| source ---|---|--- 2022-03-18 21:22:49+00:00| seen| https://t.me/cibsecurity/39221...
CVE-2022-25605
CVE-2022-25605 affects WordPress WP-DownloadManager plugin versions up to and including 1.68.6. The root cause is improper handling/escaping of download-related settings in the plugin (notably the download_path, download_path_url, and download_page_url), which allows authenticated users to inject...
CVE-2022-25605 WordPress WP-DownloadManager plugin <= 1.68.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
Multiple Authenticated Stored Cross-Site Scripting XSS vulnerabilities discovered in WP-DownloadManager WordPress plugin versions = 1.68.6. Vvulnerable parameters &downloadpath, &downloadpathurl, &downloadpageurl...