The WordPress Download Manager WordPress plugin prior to 3.2.16 does not escape some of the Download settings when outputting them, allowing high privilege users to perform XSS attacks even when the unfiltered_html capability is disallowed
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wpdownloadmanager wordpress download manager |