cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2022-25606,https://securityvulnerability.io/vulnerability/CVE-2022-25606,WordPress WP-DownloadManager plugin <= 1.68.5 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities,"Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). Vulnerable parameters &download_path, &download_path_url, &download_page_url, &download_categories.",Wordpress,WP-downloadmanager (WordPress),4.8,MEDIUM,0.0005000000237487257,false,,false,false,false,,false,false,2022-03-25T19:15:00.000Z,0
CVE-2022-25605,https://securityvulnerability.io/vulnerability/CVE-2022-25605,WordPress WP-DownloadManager plugin <= 1.68.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities,"Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). Vvulnerable parameters &download_path, &download_path_url, &download_page_url.",Wordpress,WP-downloadmanager (WordPress),4.8,MEDIUM,0.0005000000237487257,false,,false,false,false,,false,false,2022-03-18T18:15:00.000Z,0
CVE-2020-24141,https://securityvulnerability.io/vulnerability/CVE-2020-24141,,"Server-side request forgery in the WP-DownloadManager plugin 1.68.4 for WordPress lets an attacker send crafted requests from the back-end server of a vulnerable web application via the file_remote parameter to download-add.php. It can help identify open ports, local network hosts and execute command on services",Wordpress,WP-downloadmanager,5.3,MEDIUM,0.0006600000197067857,false,,false,false,false,,false,false,2021-07-07T13:34:10.000Z,0
CVE-2013-2697,https://securityvulnerability.io/vulnerability/CVE-2013-2697,,Cross-site request forgery (CSRF) vulnerability in the WP-DownloadManager plugin before 1.61 for WordPress allows remote attackers to hijack the authentication of arbitrary users for requests that insert XSS sequences.,Wordpress,WP-downloadmanager,,,0.0008999999845400453,false,,false,false,false,,false,false,2013-04-19T11:44:00.000Z,0