CVE-2017-18032 - CERT CVE

  1. CVE-2017-18032

ID CVE-2017-18032
Sažetak The download-manager plugin before 2.9.52 for WordPress has XSS via the id parameter in a wpdm_generate_password action to wp-admin/admin-ajax.php.
Reference
CVSS
Base: 4.3
Impact: 2.9
Exploitability:8.6
Pristup
VektorSloženostAutentikacija
NETWORK MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE PARTIAL NONE
CVSS vektor AV:N/AC:M/Au:N/C:N/I:P/A:N
Zadnje važnije ažuriranje 21-03-2025 - 16:07
Objavljeno 16-01-2018 - 09:29