MidnightBSD

Advisories for mikejolley

CVE-2013-3262 MEDIUM

Cross-site scripting (XSS) vulnerability in admin/admin.php in the Download Monitor plugin before 3.3.6.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the p parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mikejolley download_monitor 1.0.4
mikejolley download_monitor 1.0.1
mikejolley download_monitor 1.0.2
mikejolley download_monitor 1.0.3
mikejolley download_monitor 1.0.5
mikejolley download_monitor *
mikejolley download_monitor 1.0.0
CVE-2013-5098 MEDIUM

Cross-site scripting (XSS) vulnerability in admin/admin.php in the Download Monitor plugin before 3.3.6.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via the sort parameter, a different vulnerability than CVE-2013-3262.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
mikejolley download_monitor 1.0.4
mikejolley download_monitor 1.0.1
mikejolley download_monitor 1.0.2
mikejolley download_monitor 1.0.3
mikejolley download_monitor 1.0.5
mikejolley download_monitor *
mikejolley download_monitor 1.0.0