Vulnerabilities > CVE-2022-2168 - Unspecified vulnerability in Wpdownloadmanager Download Manager

047910
CVSS 6.1 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
LOW
Integrity impact
LOW
Availability impact
NONE
network
low complexity
wpdownloadmanager
NVD
Published: 2022-07-17
Updated: 2024-11-21

Summary

The Download Manager WordPress plugin before 3.2.44 does not escape a generated URL before outputting it back in an attribute of the history dashboard, leading to Reflected Cross-Site Scripting

Vulnerable Configurations

Part Description Count
Application
Wpdownloadmanager
214

References