2 matches found
WordPress Z-Downloads plugin < 1.11.6 - Unauthenticated Stored XSS vulnerability
Unauthenticated Stored XSS vulnerability discovered by Minh Giang & Christopher Houk in WordPress Plugin Z-Downloads versions 1.11.6...
WordPress Z-Downloads Plugin <= 1.11.3 is vulnerable to Arbitrary File Upload
Software Z-Downloads Type Plugin Vulnerable versions = 1.11.3 Fixed in 1.11.4 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2024-34555 Patch priority Low CVSS severity Low 9.1 Developer Claim ownership PSID b00ddc85506e Credits younsoung kim, SeoHyeon Lee, MyungJu Kim,...