Cross-Site Scripting Vulnerability in Download Monitor Plugin for WordPress
CVE-2012-4768

Currently unrated

Key Information:

Vendor

Wordpress
Status
Download Monitor
Vendor
CVE Published:
4 September 2014

What is CVE-2012-4768?

The Download Monitor plugin for WordPress has a cross-site scripting vulnerability that allows remote attackers to inject arbitrary web scripts or HTML via the 'dlsearch' parameter in the default URI. This can lead to malicious scripts being executed in the context of a user’s browser, potentially compromising user data and site integrity. Users are advised to update to the latest version to mitigate the risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://secunia.com/advisories/50511
third-party-advisoryx_refsource_SECUNIA
http://archives.neohapsis.com/archives/bugtraq/2012-09/00...
mailing-listx_refsource_BUGTRAQ
http://www.reactionpenetrationtesting.co.uk/wordpress-dow...
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.