Lucene search
K

7 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2022-35150

Malicious code in bioql PyPI...

4.9CVSS5.1AI score0.01315EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:24 p.m.11 views

CVE-2022-2168

The Download Manager WordPress plugin before 3.2.44 does not escape a generated URL before outputting it back in an attribute of the history dashboard, leading to Reflected Cross-Site Scripting...

6.1CVSS6.6AI score0.0106EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:17 p.m.4 views

CVE-2022-0828

The Download Manager WordPress plugin before 3.2.34 uses the uniqid php function to generate the master key for a download, allowing an attacker to brute force the key with reasonable resources giving direct download access regardless of role based restrictions or password protections set for the...

7.5CVSS6.9AI score0.0151EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/17 9:1 p.m.5 views

CVE-2024-8284

The Download Manager WordPress plugin before 3.2.99 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS6AI score0.0032EPSS
Exploits1References1
NVD
NVD
added 2025/05/15 8:15 p.m.14 views

CVE-2024-8284

The Download Manager WordPress plugin before 3.2.99 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS0.0032EPSS
Exploits1References1
NVD
NVD
added 2024/10/30 7:15 a.m.20 views

CVE-2024-8444

The Download Manager WordPress plugin before 3.3.00 doesn't sanitize some of it's shortcode parameters, leading to cross site scripting...

5.4CVSS0.00304EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/07/17 10:36 a.m.19 views

CVE-2022-2168 Download Manager < 3.2.44 - Reflected Cross-Site Scripting

The Download Manager WordPress plugin before 3.2.44 does not escape a generated URL before outputting it back in an attribute of the history dashboard, leading to Reflected Cross-Site Scripting...

6.2AI score0.0106EPSS
Exploits2References1
Rows per page
Query Builder