Web Vulnerability Report

Vulnerability Index
ID EDB-ID-47350
CVSS 3.0 N/A
Cloudbric Score
Cloudbric Detection Yes
Vulnerability Type Cross-SiteScripting(XSS)
Published Date 2019-09-04
Updated Date 2019-09-04
Vendor WordPress Plugin Download Manager 2.9.93
Description In the pro features of the WordPress download manager plugin, there is a Category Short-code feature witch can use to sort categories with order by a function which will be used as ?orderby=title,publish_date By adding parameter "> and add any XSS payload , the xss payload will execute. To reproduce, 1.Go to the link where we can find ?orderby 2.Add parameters >” and give simple payload like [removed]alert(1)[removed] 3.The payload will execute.
Reference N/A
URL Link
Threat Index Table
ID Description Vulnerability Type
Cloudbric Score
Updated Date Detection

To receive weekly updates on new vulnerabilities added to Threat Index

Subscribe Now