Lucene search
HistoryApr 18, 2023 - 2:15 p.m.
CVE-2022-45836
cve-2022-45836
unauthenticated
reflected xss
w3 eden
download manager plugin
nvd
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
18.4%
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in W3 Eden, Inc. Download Manager plugin <=Β 3.2.59 versions.
Affected configurations
Node
w3_eden\,_inc.download_managerRangeβ€3.2.59
| CPE | Name | Operator | Version |
|---|---|---|---|
| wpdownloadmanager:download_manager | wpdownloadmanager download manager | lt | 3.2.60 |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "download-manager",
"product": "Download Manager",
"vendor": "W3 Eden, Inc.",
"versions": [
{
"changes": [
{
"at": "3.2.60",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.2.59",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
prion
prion
Cross site scripting
2023-04-18 14:15:00
cvelist
cvelist
nvd
nvd
CVE-2022-45836
2023-04-18 14:15:07
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
0.0005 Low
EPSS
Percentile
18.4%
Related for CVE-2022-45836