Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

W3 Eden Inc. Security Vulnerabilities

cve
cve

CVE-2024-32131

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in W3 Eden Inc. Download Manager allows Functionality Bypass.This issue affects Download Manager: from n/a through...

5.3CVSS

6.7AI Score

0.0004EPSS

2024-05-17 09:15 AM
38
cve
cve

CVE-2024-29114

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in W3 Eden, Inc. Download Manager allows Stored XSS.This issue affects Download Manager: from n/a through...

6.5CVSS

9.1AI Score

0.0004EPSS

2024-03-19 03:15 PM
38
cve
cve

CVE-2024-29924

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in W3 Eden, Inc. Premium Packages allows Reflected XSS.This issue affects Premium Packages: from n/a through...

7.1CVSS

9.3AI Score

0.0004EPSS

2024-03-27 08:15 AM
32
cve
cve

CVE-2022-45836

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in W3 Eden, Inc. Download Manager plugin <= 3.2.59...

7.1CVSS

6AI Score

0.0005EPSS

2023-04-18 02:15 PM
25
cve
cve

CVE-2022-36288

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in W3 Eden Download Manager plugin <= 3.2.48 at...

8.8CVSS

9AI Score

0.001EPSS

2022-08-23 04:15 PM
48
4
cve
cve

CVE-2022-34658

Multiple Authenticated (contributor+) Persistent Cross-Site Scripting (XSS) vulnerabilities in W3 Eden Download Manager plugin <= 3.2.48 at...

5.4CVSS

5.4AI Score

0.001EPSS

2022-08-23 04:15 PM
38
3
cve
cve

CVE-2022-34347

Cross-Site Request Forgery (CSRF) vulnerability in W3 Eden Download Manager plugin <= 3.2.48 at...

8.8CVSS

8.8AI Score

0.001EPSS

2022-08-22 03:15 PM
47
3
cve
cve

CVE-2021-36896

Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Pricing Table (WordPress plugin) versions <=...

4.8CVSS

4.8AI Score

0.001EPSS

2022-04-11 08:15 PM
55
cve
cve

CVE-2021-34639

Authenticated File Upload in WordPress Download Manager <= 3.1.24 allows authenticated (Author+) users to upload files with a double extension, e.g. "payload.php.png" which is executable in some configurations. This issue affects: WordPress Download Manager version 3.1.24 and prior...

8.8CVSS

8.5AI Score

0.001EPSS

2021-08-05 09:15 PM
44
2
cve
cve

CVE-2021-34638

Authenticated Directory Traversal in WordPress Download Manager <= 3.1.24 allows authenticated (Contributor+) users to obtain sensitive configuration file information, as well as allowing Author+ users to perform XSS attacks, by setting Download template to a file containing configuration...

6.5CVSS

6AI Score

0.001EPSS

2021-08-05 09:15 PM
49
4
cve
cve

CVE-2017-2216

Cross-site scripting vulnerability in WordPress Download Manager prior to version 2.9.50 allows remote attackers to inject arbitrary web script or HTML via unspecified...

6.1CVSS

6AI Score

0.002EPSS

2017-07-07 01:29 PM
28
cve
cve

CVE-2017-2217

Open redirect vulnerability in WordPress Download Manager prior to version 2.9.51 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified...

6.1CVSS

6.2AI Score

0.002EPSS

2017-07-07 01:29 PM
30
2