Security Advisory

CVE-2022-25606

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-03-25 18:02:32

Last updated 2026-04-28 16:07:39

Assigner Patchstack

State PUBLISHED

Description

Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). Vulnerable parameters &download_path, &download_path_url, &download_page_url, &download_categories.

← Browse all CVEs View on cve.org ↗