CVE-2021-24969

The WordPress Download Manager WordPress plugin before 3.2.22 does not sanitise and escape Template data before outputting it in various pages (such as admin dashboard and frontend). Due to the lack of authorisation and CSRF checks in the wpdm_save_template AJAX action, any authenticated users such as subscriber is able to call it and perform Cross-Site Scripting attacks
Configurations

Configuration 1 (hide)

cpe:2.3:a:wpdownloadmanager:wordpress_download_manager:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 05:54

Type Values Removed Values Added
References () https://wpscan.com/vulnerability/01144c50-54ca-44d9-9ce8-bf4f659114ee - Exploit, Third Party Advisory () https://wpscan.com/vulnerability/01144c50-54ca-44d9-9ce8-bf4f659114ee - Exploit, Third Party Advisory

06 Jan 2022, 17:35

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : 3.5
v3 : 5.4
CPE cpe:2.3:a:wpdownloadmanager:wordpress_download_manager:*:*:*:*:*:wordpress:*:*
References (MISC) https://wpscan.com/vulnerability/01144c50-54ca-44d9-9ce8-bf4f659114ee - (MISC) https://wpscan.com/vulnerability/01144c50-54ca-44d9-9ce8-bf4f659114ee - Exploit, Third Party Advisory

27 Dec 2021, 12:45

Type Values Removed Values Added
New CVE

Information

Published : 2021-12-27 11:15

Updated : 2024-11-21 05:54


NVD link : CVE-2021-24969

Mitre link : CVE-2021-24969

CVE.ORG link : CVE-2021-24969


JSON object : View

Products Affected

wpdownloadmanager

  • wordpress_download_manager
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')