ThuraMoeMyint

1 exploit Active since Sep 2019
CVE-2019-15889 EXPLOITDB MEDIUM text WORKING POC
WordPress Download Manager < 2.9.94 - Cross-Site Scripting via Category Shortcode Parameters
The download-manager plugin before 2.9.94 for WordPress has XSS via the category shortcode feature, as demonstrated by the orderby or search[publish_date] parameter.
CVSS 6.1