4 matches found
WordPress WP File Download plugin < 6.2.6 - Reflected XSS vulnerability
Reflected XSS vulnerability discovered by Kevin Camus in WordPress Plugin WP File Download versions 6.2.6...
CVE-2025-5034
The wp-file-download WordPress plugin before 6.2.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
CVE-2025-5034 WP File Download < 6.2.6 - Reflected XSS
The wp-file-download WordPress plugin before 6.2.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting...
CVE-2025-5034
CVE-2025-5034 affects the WordPress WP File Download plugin prior to version 6.2.6. The issue is a Reflected XSS caused by a parameter that is not properly sanitised and escaped before output to the page. Impact is reflected in user input handling and page rendering. The primary mitigation is upg...