Nixpkgs security tracker

Login with GitHub

⚠️ You are using a production deployment that is still only suitable for demo purposes. Any work done in this might be wiped later without notice.

Suggestions search

Dismissed

Filter by:

With package: lomiri.lomiri-download-manager

Found 1 matching suggestions

View:

Compact

Detailed

Permalink CVE-2022-45836

7.1 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): LOW
Integrity impact (I): LOW
Availability impact (A): LOW

updated 1 year, 2 months ago by @Erethon Activity log

Created automatic suggestion 1 year, 3 months ago
@Erethon accepted 1 year, 2 months ago
@Erethon dismissed 1 year, 2 months ago
@Erethon accepted 1 year, 2 months ago
@Erethon dismissed 1 year, 2 months ago

WordPress Download Manager Plugin <= 3.2.59 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in W3 Eden, Inc. Download Manager plugin <= 3.2.59 versions.

References

https://patchstack.com/database/vulnerability/download-manager/wordpress-downlo… vdb-entry
https://patchstack.com/database/vulnerability/download-manager/wordpress-downlo… vdb-entryx_transferred
https://patchstack.com/database/vulnerability/download-manager/wordpress-downlo… vdb-entry
https://patchstack.com/database/vulnerability/download-manager/wordpress-downlo… vdb-entryx_transferred
https://patchstack.com/database/vulnerability/download-manager/wordpress-downlo… vdb-entry
https://patchstack.com/database/vulnerability/download-manager/wordpress-downlo… vdb-entryx_transferred

Affected products

download-manager

=<3.2.59

Matching in nixpkgs

pkgs.lomiri.lomiri-download-manager

Performs uploads and downloads from a centralized location

nixos-unstable 0.1.3
- nixpkgs-unstable 0.1.3
- nixos-unstable-small 0.1.3

Package maintainers

@OPNA2608 Cosima Neidahl <opna2608@protonmail.com>

1