Web Vulnerability Report
ID | EDB-ID-47350 |
CVSS 3.0 | N/A |
Cloudbric Score
?
|
High |
Cloudbric Detection | Yes |
Vulnerability Type | Cross-SiteScripting(XSS) |
Published Date | 2019-09-04 |
Updated Date | 2019-09-04 |
Vendor | WordPress Plugin Download Manager 2.9.93 |
Description | In the pro features of the WordPress download manager plugin, there is a Category Short-code feature witch can use to sort categories with order by a function which will be used as ?orderby=title,publish_date By adding parameter "> and add any XSS payload , the xss payload will execute. To reproduce, 1.Go to the link where we can find ?orderby 2.Add parameters >” and give simple payload like [removed]alert(1)[removed] 3.The payload will execute. |
Reference | N/A |
URL Link | https://www.exploit-db.com/exploits/47350/ |
This vulnerability has been detected by Cloudbric!
Block NOW!
ID | Description | Vulnerability Type |
Cloudbric Score
?
|
Updated Date | Detection |
---|
To receive weekly updates on new vulnerabilities added to Threat Index
Subscribe Now