3 matches found
CVE-2013-2697
Cross-site request forgery CSRF vulnerability in the WP-DownloadManager plugin before 1.61 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences...
CVE-2013-2697
Cross-site request forgery CSRF vulnerability in the WP-DownloadManager plugin before 1.61 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences...
CVE-2013-2697
CVE-2013-2697 is a CSRF vulnerability in the WP-DownloadManager WordPress plugin prior to 1.61. The issue allows remote attackers to hijack the authentication of arbitrary users by sending requests that insert XSS sequences, as described across multiple sources. Affected product: WordPress plugin...