Lucene search
K

4 matches found

Patchstack
Patchstack
added 2021/12/21 12:0 a.m.21 views

WordPress Simple Download Monitor plugin <= 3.9.10 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting XSS vulnerability discovered by apple502j in WordPress Simple Download Monitor plugin versions = 3.9.10. Solution Update the WordPress Simple Download Monitor plugin to the latest available version at least 3.9.11...

5.4CVSS2.4AI score0.00611EPSS
Exploits2References3Affected Software1
Patchstack
Patchstack
added 2020/10/21 12:0 a.m.18 views

WordPress Simple Download Monitor plugin <= 3.8.8 - Unauthenticated Cross-Site Scripting (XSS) vulnerability

Unauthenticated Cross-Site Scripting XSS vulnerability found by Gen Sato Mitsui Bussan Secure Directions in WordPress Simple Download Monitor plugin versions = 3.8.8 . Solution Update the WordPress Simple Download Monitor plugin to the latest available version at least 3.8.9...

6.1CVSS2.7AI score0.00931EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2020/10/21 12:0 a.m.24 views

WordPress Simple Download Monitor plugin <= 3.8.8 - Unauthenticated Cross-Site Scripting (XSS) vulnerability

Unauthenticated Cross-Site Scripting XSS vulnerability found by Gen Sato Mitsui Bussan Secure Directions in WordPress Simple Download Monitor plugin versions = 3.8.8 . Solution Update the WordPress Simple Download Monitor plugin to the latest available version at least 3.8.9...

6.1CVSS2.7AI score0.00931EPSS
Exploits0References2Affected Software1
Patchstack
Patchstack
added 2016/01/19 12:0 a.m.5 views

WordPress Simple Download Monitor Plugin <= 3.2.8 - Insufficient Authorisation

Because of this vulnerability, any user can access the "sdmtinygetpostids" action which will return a JSON encoded list of all "postid"and "posttitle" that were uploaded with this plugin. Solution Upgrade the plugin...

3.4AI score
Exploits0References1Affected Software1
Rows per page
Query Builder