Vulnerabilities > Wpfactory > Download Plugins AND Themes From Dashboard > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-10-07 CVE-2019-17239 Cross-site Scripting vulnerability in Wpfactory Download Plugins and Themes From Dashboard
includes/settings/class-alg-download-plugins-settings.php in the download-plugins-dashboard plugin through 1.5.0 for WordPress has multiple unauthenticated stored XSS issues.
network
wpfactory CWE-79
4.3
4.3