What the vulnerability does
01Description
The download-manager plugin before 2.9.94 for WordPress has XSS via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter.
CVSS base score
CVSS vector
CVSS:3.0/AC:L/AV:N/A:N/C:L/I:L/PR:N/S:C/UI:R
What the vulnerability does
The download-manager plugin before 2.9.94 for WordPress has XSS via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter.
Key dates
External resources