2 matches found
CVE-2022-34658 WordPress Download Manager plugin <= 3.2.48 - Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities
Multiple Authenticated contributor+ Persistent Cross-Site Scripting XSS vulnerabilities in W3 Eden Download Manager plugin = 3.2.48 at WordPress...
CVE-2022-34658
CVE-2022-34658 concerns the WordPress Download Manager plugin (versions ≤ 3.2.48). The vulnerability is a Stored Cross-Site Scripting (XSS) issue that can be triggered by users with at least a Contributor role (i.e., authenticated users). The root cause is inadequate sanitization/escaping of inpu...