Unrated severityNVD Advisory· Published Mar 18, 2022· Updated Apr 28, 2026
WordPress WP-DownloadManager plugin <= 1.68.6 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
CVE-2022-25605
Description
Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). Vvulnerable parameters &download_path, &download_path_url, &download_page_url.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=1.68.6
- Range: <= 1.68.6
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.