cleantalk
Vulnerabilities and Security Researches

Simple Download Monitor, CVE-2018-5212

CVE, Research URL

CVE-2018-5212

Home page URL

Security reports for Simple Download Monitor

Application

Simple Download Monitor

Published on
Jan 04, 2018
Research Description
The Simple Download Monitor plugin before 3.5.4 for WordPress has XSS via the sdm_upload_thumbnail (aka File Thumbnail) parameter in an edit action to wp-admin/post.php.
Affected versions
Min -, max 3.5.4.
Status
vulnerable
Previous vulnerability researches
Simple Download Monitor (CVE-2025-58197) , Aug 28, 2025
Simple Download Monitor (CVE-2025-8977) , Aug 28, 2025
Simple Download Monitor (CVE-2025-24663) , Jan 26, 2025
Simple Download Monitor (CVE-2018-5212) , Jun 07, 2024
Simple Download Monitor (CVE-2021-24692) , Jun 07, 2024
New vulnerability
Tiktok Feed – Best TikTok feed plugin for WordPress (CVE-2025-54710) , Aug 29, 2025
GiveWP – Donation Plugin and Fundraising Platform (CVE-2025-7221) , Aug 29, 2025
Add Code To Head (CVE-2025-48314) , Aug 29, 2025
130+ Widgets | Best Addons For Elementor – FREE (CVE-2025-58195) , Aug 29, 2025
WP Bulk Delete (CVE-2025-58192) , Aug 29, 2025