CVE-2015-9296 – Download Monitor < 1.7.1 - Reflected Cross-Site Scripting

https://notcve.org/view.php?id=CVE-2015-9296

The download-monitor plugin before 1.7.1 for WordPress has XSS related to add_query_arg. El complemento download-monitor versiones anteriores a 1.7.1 para WordPress tiene XSS relacionado con add_query_arg • https://wordpress.org/plugins/download-monitor/#developers • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •