WordPress Plugin Download Monitor < 3.3.5.9 - Cross-Site Scripting

A cross-site scripting vulnerability in the Download Monitor plugin before 3.3.5.9 for WordPress allows remote attackers to inject arbitrary web script or HTML via the dlsearch parameter to the default URI. id: CVE-2012-4768 info: name: WordPress Plugin Download Monitor 3.3.5.9 - Cross-Site...

CVE-2012-4768

CVE-2012-4768 is a Cross-Site Scripting vulnerability in the WordPress plugin Download Monitor prior to 3.3.5.9. The dlsearch parameter written to download pages can inject arbitrary JavaScript, potentially leading to session cookie theft, redirects, or malware delivery. Exploitation affects Word...

Wordpress Download Monitor - Download Page Cross-Site Scripting

/----------------------------------------------------------------- | Wordpress Download Monitor - Download Page Cross-Site Scripting | -----------------------------------------------------------------/ Summary ======= Wordpress Download Monitor 3.3.5.7 is subject to a cross-site scripting...

Wordpress Download Monitor 3.3.5.7 Cross Site Scripting

/-----------------------------------------------------------------\ | Wordpress Download Monitor - Download Page Cross-Site Scripting | -----------------------------------------------------------------/ Summary ======= Wordpress Download Monitor 3.3.5.7 is subject to a cross-site scripting...