download-manager Plugin up to 2.9.93 on WordPress Category orderby/search[publish_date] cross site scripting

Summaryinfo

A vulnerability classified as problematic was found in download-manager Plugin up to 2.9.93 on WordPress. Affected by this vulnerability is an unknown functionality of the component Category Handler. Such manipulation of the argument orderby/search[publish_date] as part of Parameter leads to cross site scripting. This vulnerability is listed as CVE-2019-15889. The attack may be performed from remote. In addition, an exploit is available. Upgrading the affected component is advised.

Detailsinfo

A vulnerability was found in download-manager Plugin up to 2.9.93 on WordPress (WordPress Plugin). It has been rated as problematic. Affected by this issue is an unknown function of the component Category Handler. The manipulation of the argument orderby/search[publish_date] as part of a Parameter leads to a cross site scripting vulnerability. Using CWE to declare the problem leads to CWE-79. The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users. Impacted is integrity. CVE summarizes:

The download-manager plugin before 2.9.94 for WordPress has XSS via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter.

The weakness was presented 09/03/2019. This vulnerability is handled as CVE-2019-15889 since 09/03/2019. The attack may be launched remotely. No form of authentication is required for exploitation. Successful exploitation requires user interaction by the victim. Technical details as well as a public exploit are known. This vulnerability is assigned to T1059.007 by the MITRE ATT&CK project.

The exploit is available at exploit-db.com. It is declared as proof-of-concept.

Upgrading to version 2.9.94 eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at Exploit-DB (47350). If you want to get best quality of vulnerability data, you may have to visit VulDB.

Productinfo

Type

• WordPress Plugin

Name

• download-manager Plugin

Version

• 2.9.0
• 2.9.1
• 2.9.2
• 2.9.3
• 2.9.4
• 2.9.5
• 2.9.6
• 2.9.7
• 2.9.8
• 2.9.9
• 2.9.10
• 2.9.11
• 2.9.12
• 2.9.13
• 2.9.14
• 2.9.15
• 2.9.16
• 2.9.17
• 2.9.18
• 2.9.19
• 2.9.20
• 2.9.21
• 2.9.22
• 2.9.23
• 2.9.24
• 2.9.25
• 2.9.26
• 2.9.27
• 2.9.28
• 2.9.29
• 2.9.30
• 2.9.31
• 2.9.32
• 2.9.33
• 2.9.34
• 2.9.35
• 2.9.36
• 2.9.37
• 2.9.38
• 2.9.39
• 2.9.40
• 2.9.41
• 2.9.42
• 2.9.43
• 2.9.44
• 2.9.45
• 2.9.46
• 2.9.47
• 2.9.48
• 2.9.49
• 2.9.50
• 2.9.51
• 2.9.52
• 2.9.53
• 2.9.54
• 2.9.55
• 2.9.56
• 2.9.57
• 2.9.58
• 2.9.59
• 2.9.60
• 2.9.61
• 2.9.62
• 2.9.63
• 2.9.64
• 2.9.65
• 2.9.66
• 2.9.67
• 2.9.68
• 2.9.69
• 2.9.70
• 2.9.71
• 2.9.72
• 2.9.73
• 2.9.74
• 2.9.75
• 2.9.76
• 2.9.77
• 2.9.78
• 2.9.79
• 2.9.80
• 2.9.81
• 2.9.82
• 2.9.83
• 2.9.84
• 2.9.85
• 2.9.86
• 2.9.87
• 2.9.88
• 2.9.89
• 2.9.90
• 2.9.91
• 2.9.92
• 2.9.93

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Discussion