Authenticated (admin+) Persistent Cross-Site Scripting (XSS) vulnerability discovered in Download Monitor WordPress plugin (versions <= 4.4.6) Vulnerable parameters: &post_title, &downloadable_file_version[0].
References
Configurations
History
16 Sep 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
Summary | (en) Authenticated (admin+) Persistent Cross-Site Scripting (XSS) vulnerability discovered in Download Monitor WordPress plugin (versions <= 4.4.6) Vulnerable parameters: &post_title, &downloadable_file_version[0]. |
07 Nov 2023, 03:30
Type | Values Removed | Values Added |
---|---|---|
Summary | Authenticated (admin+) Persistent Cross-Site Scripting (XSS) vulnerability discovered in Download Monitor WordPress plugin (versions <= 4.4.6) Vulnerable parameters: &post_title, &downloadable_file_version[0]. |
Information
Published : 2022-01-28 20:15
Updated : 2024-09-16 17:15
NVD link : CVE-2021-23174
Mitre link : CVE-2021-23174
CVE.ORG link : CVE-2021-23174
JSON object : View
Products Affected
wpchill
- download_monitor
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')