WordPress Plugin Vulnerabilities
Download manager < 3.2.43 - Reflected Cross-Site Scripting
Description
The plugin does not sanitise and escape the frameid parameter before outputting it back in a JS context, leading to a Reflected Cross-Site Scripting
Affects Plugins
Fixed in version 3.2.43
References
Classification
Miscellaneous
Original Researcher
Rafie Muhammad (Yeraisci)
Verified
Yes
Timeline
Publicly Published
2022-06-02 (about 2 months ago)
Added
2022-06-02 (about 2 months ago)
Last Updated
2022-06-07 (about 2 months ago)