CVE-2013-5098

Name of the Vulnerable Software and Affected Versions Download Monitor plugin versions prior to 3.3.6.2

Description A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the sort parameter in the admin/admin.php file.

Recommendations For versions prior to 3.3.6.2, update to version 3.3.6.2 or later to resolve the issue.