WordPress Plugin Vulnerabilities
Download Manager < 3.2.49 - Contributor+ Stored Cross-Site Scripting
Description
The plugin does not sanitise and escape some parameters which could allow users with a role as low as contruibutor to perform Stored Cross-Site Scripting attacks
Affects Plugins
Fixed in version 3.2.55
References
Classification
Miscellaneous
Timeline
Publicly Published
2022-08-01 (about 6 months ago)
Added
2022-08-24 (about 5 months ago)
Last Updated
2022-08-24 (about 5 months ago)