Vulnerabilities

CVE-2019-15889

by Fred · 03/09/2019

The download-manager plugin before 2.9.94 for WordPress has XSS via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter.

Date published : 2019-09-03

http://packetstormsecurity.com/files/154356/WordPress-Download-Manager-2.9.93-Cross-Site-Scripting.html

https://packetstormsecurity.com/files/152511/WordPress-Download-Manager-2.9.92-Cross-Site-Scripting.html

Similar

Tags: Cybersecurity Alert