Jolley_Small

#30445of 53,630
8.6Total CVSS
Vulnerabilities · 2
Medium
2
PT-2013-4260
4.3
2013-08-09
WordPress · Download Monitor · CVE-2013-3262
**Name of the Vulnerable Software and Affected Versions** Download Monitor plugin versions prior to 3.3.6.2 **Description** The issue is related to a cross-site scripting (XSS) vulnerability. This vulnerability allows remote attackers to inject arbitrary web script or HTML via the `p` parameter in the `admin/admin.php` file. **Recommendations** For versions prior to 3.3.6.2, update to version 3.3.6.2 or later to resolve the issue.
PT-2013-5363
4.3
2013-08-09
WordPress · Download Monitor · CVE-2013-5098
**Name of the Vulnerable Software and Affected Versions** Download Monitor plugin versions prior to 3.3.6.2 **Description** A cross-site scripting (XSS) issue exists, allowing remote attackers to inject arbitrary web script or HTML. This is achieved via the `sort` parameter in the admin/admin.php file. **Recommendations** For versions prior to 3.3.6.2, update to version 3.3.6.2 or later to resolve the issue.