CVE-2021-24969
Download Manager < 3.2.22 - Subscriber+ Stored Cross-Site Scripting
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS —EPSS 0.6%KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
27 Dec 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
The WordPress Download Manager WordPress plugin before 3.2.22 does not sanitise and escape Template data before outputting it in various pages (such as admin dashboard and frontend). Due to the lack of authorisation and CSRF checks in the wpdm_save_template AJAX action, any authenticated users such as subscriber is able to call it and perform Cross-Site Scripting attacks
Affected products
Unknown · WordPress Download ManagerWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →