CVE-2013-7319

Name of the Vulnerable Software and Affected Versions Download Manager plugin versions prior to 2.5.9

Description A cross-site scripting (XSS) issue allows remote attackers to inject arbitrary web script or HTML via the title field. This could potentially lead to unauthorized actions on the affected website.

Recommendations For versions prior to 2.5.9, update to version 2.5.9 or later to resolve the issue. As a temporary workaround, consider restricting access to the Download Manager plugin until the update is applied. Avoid using the title field in the affected plugin until the issue is resolved.