Unrated severityNVD Advisory· Published Mar 25, 2022· Updated Apr 28, 2026
WordPress WP-DownloadManager plugin <= 1.68.5 - Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities
CVE-2022-25606
Description
Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). Vulnerable parameters &download_path, &download_path_url, &download_page_url, &download_categories.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=1.68.6
- Range: <= 1.68.5
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.