Vulnerabilities and Security Researches

Simple Download Monitor, CVE-2018-5212

CVE, Research URL: CVE-2018-5212
Home page URL: Security reports for Simple Download Monitor
Application: Simple Download Monitor
Published on: Jan 04, 2018
Research Description: The Simple Download Monitor plugin before 3.5.4 for WordPress has XSS via the sdm_upload_thumbnail (aka File Thumbnail) parameter in an edit action to wp-admin/post.php.
Affected versions: Min -, max 3.5.4.
Status: vulnerable