PT-2022-15295
Name of the Vulnerable Software and Affected Versions: Download Monitor WordPress plugin versions prior to 4.5.91 Description: The issue allows high privilege users, such as administrators, to download sensitive files like wp-config.php or /etc/passwd, even in hardened environments or multisite...
CVE-2022-28153
Jenkins SiteMonitor Plugin 0.6 and earlier does not escape URLs of sites to monitor in tooltips, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission...
Jenkins SiteMonitor Plugin Cross-Site Scripting Vulnerability
Jenkins and Jenkins Plugin are both Jenkins open source products. Jenkins is an open source automation server that provides hundreds of plugins to support building, deploying, and automating any project. Jenkins Plugin is an application. A cross-site scripting vulnerability exist...
CVE-2021-31567
Authenticated (admin+) Arbitrary File Download vulnerability discovered in Download Monitor WordPress plugin versions <= 4.4.6. The plugin allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the &downloadablefileurls0 parameter data. It's also...
CVE-2021-31567 WordPress Download Monitor plugin <= 4.4.6 - Authenticated Arbitrary File Download vulnerability
Authenticated (admin+) Arbitrary File Download vulnerability discovered in Download Monitor WordPress plugin versions <= 4.4.6. The plugin allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the &downloadablefileurls0 parameter data. It's also...
CVE-2021-23174 WordPress Download Monitor plugin <= 4.4.6 - Auth. Stored Cross-Site Scripting (XSS) vulnerability
Authenticated (admin+) Persistent Cross-Site Scripting (XSS) vulnerability discovered in Download Monitor WordPress plugin versions <= 4.4.6. Vulnerable parameters: &posttitle, &downloadablefileversion0...
PT-2022-9372 · WordPress · Download Monitor
Name of the Vulnerable Software and Affected Versions: Download Monitor WordPress plugin versions = 4.4.6 Description: An Authenticated (admin+) Persistent Cross-Site Scripting (XSS) issue was discovered. The vulnerable parameters are post title and downloadable file version0. Recommendations: For...
WordPress Simple Download Monitor plugin <= 3.9.10 - Stored Cross-Site Scripting (XSS) vulnerability
Stored Cross-Site Scripting (XSS) vulnerability discovered by apple502j in WordPress Simple Download Monitor plugin versions <= 3.9.10. Solution: Update the WordPress Simple Download Monitor plugin to the latest available version (at least 3.9.11)...
CVE-2015-9296
The download-monitor plugin before 1.7.1 for WordPress has XSS related to add_query_arg...
CVE-2015-9296
CVE-2015-9296: The WordPress Download Monitor plugin (before 1.7.1) contains an XSS flaw related to add_query_arg. Affected plugin versions up to 1.7.0 allow client‑side script execution as described in the CVE. Remediation: upgrade to 1.7.1 or newer (as indicated by records in multiple feeds). T...
WordPress Download Monitor Plugin <= 1.6.3 - Authenticated Directory Listing
This plugin is prone to an authenticated directory listing vulnerability. It allows attackers to list server-side files and directories. Solution: Update the plugin...
CVE-2012-4768
CVE-2012-4768 is a Cross-Site Scripting vulnerability in the WordPress plugin Download Monitor prior to 3.3.5.9. The dlsearch parameter written to download pages can inject arbitrary JavaScript, potentially leading to session cookie theft, redirects, or malware delivery. Exploitation affects Word...
CVE-2013-3262
The CVE-2013-3262 entry concerns an XSS vulnerability in the WordPress Download Monitor plugin for admin/admin.php, exploitable via the p parameter. Affected version: Download Monitor before 3.3.6.2. Root cause: improper handling/sanitization of user-supplied input in the p parameter allows remot...
Fedora Update for xfce4-cpugraph-plugin FEDORA-2007-4385
Check for the Version of xfce4-cpugraph-plugin OpenVAS Vulnerability Test Fedora Update for xfce4-cpugraph-plugin FEDORA-2007-4385 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it...