Vulnerabilities > Avenirsoft

DATE CVE VULNERABILITY TITLE RISK
2019-09-26 CVE-2015-9442 Cross-Site Request Forgery (CSRF) vulnerability in Avenirsoft Directdownload 1.0
The avenirsoft-directdownload plugin 1.0 for WordPress has CSRF with resultant XSS via wp-admin/admin.php?page=avenir_plugin.
network
low complexity
avenirsoft CWE-352
6.5
6.5