Web Vulnerability Report
| ID | EDB-ID-47350 |
| CVSS 3.0 | N/A |
|
Cloudbric Score
?
|
High |
| Cloudbric Detection | Yes |
| Vulnerability Type | Cross-SiteScripting(XSS) |
| Published Date | 2019-09-04 |
| Updated Date | 2019-09-04 |
| Vendor | WordPress Plugin Download Manager 2.9.93 |
| Description | In the pro features of the WordPress download manager plugin, there is a Category Short-code feature witch can use to sort categories with order by a function which will be used as ?orderby=title,publish_date By adding parameter "> and add any XSS payload , the xss payload will execute. To reproduce, 1.Go to the link where we can find ?orderby 2.Add parameters >” and give simple payload like [removed]alert(1)[removed] 3.The payload will execute. |
| Reference | N/A |
| URL Link | https://www.exploit-db.com/exploits/47350/ |
This vulnerability has been detected by Cloudbric!
Block NOW!
| ID | Description | Vulnerability Type |
Cloudbric Score
?
|
Updated Date | Detection |
|---|
To receive weekly updates on new vulnerabilities added to Threat Index
Subscribe Now