Description
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in W3 Eden, Inc. Download Manager plugin <= 3.2.59 versions.
Published: 2023-04-18
Score: 7.1 High
EPSS: 8.0% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

Vendor Solution

Update to 3.2.60 or a higher version.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
EUVD EUVD EUVD-2022-48690 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in W3 Eden, Inc. Download Manager plugin <= 3.2.59 versions.
History

Tue, 28 Apr 2026 18:30:00 +0000

Type Values Removed Values Added
Metrics cvssV3_1

{'score': 7.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L'}

 cvssV3_1

{'score': 7.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L'}

Fri, 21 Mar 2025 19:45:00 +0000

Type Values Removed Values Added
First Time appeared W3eden
W3eden download Manager
CPEs cpe:2.3:a:wpdownloadmanager:download_manager:*:*:*:*:*:wordpress:*:* cpe:2.3:a:w3eden:download_manager:*:*:*:*:free:wordpress:*:*
Vendors & Products Wpdownloadmanager
Wpdownloadmanager download Manager
W3eden
W3eden download Manager

Fri, 10 Jan 2025 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Subscriptions

W3eden Download Manager
cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published:

Updated: 2026-04-28T16:07:54.207Z

Reserved: 2022-11-23T07:45:46.730Z

Link: CVE-2022-45836

cve-icon Vulnrichment

Updated: 2024-08-03T14:24:03.154Z

cve-icon NVD

Status : Modified

Published: 2023-04-18T14:15:07.317

Modified: 2026-04-28T19:19:03.720

Link: CVE-2022-45836

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses