WordPress Plugin Vulnerabilities

Download Manager <= 2.5.8 - Download Package file Parameter Stored XSS

Description

The WordPress Download Manager WordPress plugin was affected by a Download Package file Parameter Stored XSS security vulnerability.

Affects Plugins

Plugin icon
download-manager
Fixed in 2.5.9

References

CVE
CVE-2013-7319

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79

Miscellaneous

Verified
No
WPVDB ID
507b934d-5776-45e0-8f16-ed092091aa0b

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2026-04-07
Title
Product Table and List Builder for WooCommerce Lite < 4.6.4 - Unauthenticated Stored Cross-Site Scripting
Published
2024-09-23
Title
Koko Analytics < 1.3.13 - Reflected Cross-Site Scripting
Published
2022-03-30
Title
Donorbox < 7.1.7 - Admin+ Stored Cross-Site Scripting
Published
2024-11-04
Title
Team Showcase and Slider – Team Members Builder <= 1.3 - Reflected Cross-Site Scripting
Published
2024-07-01
Title
Mega Elements < 1.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting