Download Monitor < 3.3.6.2 – Multiple Reflected Cross-Site Scripting | CVE 2013-5098

Affects Plugins

download-monitor

Fixed in 3.3.6.2

References

CVE

CVE-2013-5098

CVE

CVE-2013-3262

URL

https://exchange.xforce.ibmcloud.com/vulnerabilities/85921

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

CVSS

6.1 (medium)

Miscellaneous

Verified

No

WPVDB ID

e6764282-7c21-4894-ba5f-7fab2a30ceec

Timeline

Publicly Published

2013-07-23 (about 12 years ago)

Added

2019-08-26 (about 6 years ago)

Last Updated

2021-10-06 (about 4 years ago)

Other

Published

Title

Published

2023-01-17

Title

Widget Shortcode <= 0.3.5 - Contributor+ Stored XSS

Published

2014-08-01

Title

Wordfence 3.8.1 - wp-admin/admin.php whois Parameter Stored XSS

Published

2023-06-19

Title

Image Protector <= 1.1 - Admin+ Stored Cross-Site Scripting

Published

2024-10-09

Title

Easy Social Share Buttons <= 1.4.5 - Reflected Cross-Site Scripting

Published

2014-08-01

Title

Gallery Bank 2.0.19 - album-gallery-bank-class.php recordsArray Parameter Reflected XSS