Download Manager < 3.2.53 – Unauthenticated Reflected Cross-Site Scripting | Plugin Vulnerabilities

Description

The plugin does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute of the modal login page (only available when users are not logged in), which could lead to Reflected Cross-Site Scripting in old web browsers.

Proof of Concept

On the modal login page from the plugin and using an old web browser (such as IE), append ?a"><script>alert(/XSS/)</script>

e.g: https://example.com/login/?a"><script>alert(/XSS/)</script>

Affects Plugins

download-manager

Fixed in 3.2.53

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

WPScanTeam

Verified

Yes

WPVDB ID

394007c5-7923-46fe-bb4c-2377d66ff900

Timeline

Publicly Published

2022-08-04 (about 3 years ago)

Added

2022-08-04 (about 3 years ago)

Last Updated

2022-08-04 (about 3 years ago)

Other

Published

Title

Published

2025-11-18

Title

Giveaways and Contests by RafflePress – Get More Website Traffic, Email Subscribers, and Social Followers < 1.12.21 - Unauthenticated Stored Cross-Site Scripting

Published

2021-06-25

Title

Paid Membership Pro < 2.5.10 - Cross-Site Scripting (XSS)

Published

2025-04-04

Title

Posts Footer Manager <= 2.2.0 - Authenticated (Administrator+) Stored Cross-Site Scripting

Published

2023-11-07

Title

EazyDocs < 2.3.6 - Reflected XSS

Published

2022-04-04

Title

Social comments by WpDevArt < 2.5.0 - Admin+ Stored Cross-Site Scripting