Lucene search
PatchstackCVELIST:CVE-2024-29114HistoryMar 19, 2024 - 2:58 p.m.
CVE-2024-29114 WordPress Download Manager plugin <= 3.2.84 - Cross Site Scripting (XSS) vulnerability
2024-03-1914:58:43
CWE-79
Patchstack
www.cve.org
2
cve-2024-29114
cross site scripting
w3 eden inc
download manager
stored xss
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
9.1%
Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) vulnerability in W3 Eden, Inc. Download Manager allows Stored XSS.This issue affects Download Manager: from n/a through 3.2.84.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "download-manager",
"product": "Download Manager",
"vendor": "W3 Eden, Inc.",
"versions": [
{
"changes": [
{
"at": "3.2.85",
"status": "unaffected"
}
],
"lessThanOrEqual": "3.2.84",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2024-29114
2024-03-19 15:15:08
wpvulndb
wpvulndb
Download Manager < 3.2.85 - Contributor+ Stored XSS
2024-03-21 00:00:00
nvd
nvd
CVE-2024-29114
2024-03-19 15:15:08
wordfence
wordfence
6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
0.0004 Low
EPSS
Percentile
9.1%
Related for CVELIST:CVE-2024-29114