Codename065

**Name of the Vulnerable Software and Affected Versions** WordPress Download Manager versions prior to 2.9.50 **Description** A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML. **Recommendations** For WordPress Download Manager versions prior to 2.9.50, update to version 2.9.50 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** WordPress Download Manager versions prior to 2.9.51 **Description** The issue allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. **Recommendations** For WordPress Download Manager versions prior to 2.9.51, update to version 2.9.51 or later to resolve the issue.