CVE-2018-5213

Published January 4th, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

3.5

LOW

Affected

PROJECT

Description

The Simple Download Monitor plugin before 3.5.4 for WordPress has XSS via the sdm_upload (aka Downloadable File) parameter in an edit action to wp-admin/post.php.

d4wner/Vulnerabilities-Report

GitHub