Untriaged
Permalink
CVE-2022-45836
7.1 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): REQUIRED
- Scope (S): CHANGED
- Confidentiality impact (C): LOW
- Integrity impact (I): LOW
- Availability impact (A): LOW
WordPress Download Manager Plugin <= 3.2.59 is vulnerable to Cross Site Scripting (XSS)
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in W3 Eden, Inc. Download Manager plugin <= 3.2.59 versions.
References
- https://patchstack.com/database/vulnerability/download-manager/wordpress-downlo… vdb-entry
- https://patchstack.com/database/vulnerability/download-manager/wordpress-downlo… vdb-entry x_transferred
- https://patchstack.com/database/vulnerability/download-manager/wordpress-downlo… vdb-entry
- https://patchstack.com/database/vulnerability/download-manager/wordpress-downlo… vdb-entry x_transferred
Affected products
download-manager
- =<3.2.59
Matching in nixpkgs
pkgs.lomiri.lomiri-download-manager
Performs uploads and downloads from a centralized location
-
nixos-unstable -
- nixpkgs-unstable 0.2.1
Package maintainers
-
@OPNA2608 Cosima Neidahl <opna2608@protonmail.com>