Vulnerabilities

CVE-2025-5034

by Fred · 21/06/2025

The wp-file-download WordPress plugin before 6.2.6 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting

Assigner : contact@wpscan.com

More information : https://wpscan.com/vulnerability/ebd9aa9f-3da9-4457-922f-975bef6e33f8/

Similar

Tags: Cybersecurity Alert