Error on My website

  • Resolved fzpassociates6

    (@fzpassociates6)


    7 years, 8 months ago

    HI,
    I love the plugin but I got these messages and my website has the proper version I believe. How can I resolve this? I am using version 1.9.6 which appears to be your latest version.

    Thank you!
    Fred

    Severity: Critical

    Category: xss

    Summary: Download Monitor 3.3.5.7 – index.php dlsearch Parameter XSS (Note: This plugin changed its version numbering, this may produce false positive)

    Description: Authenticated Cross-Site Scripting (XSS) in Download Monitor before version 3.3.5.9 can be used by authenticated attackers to place arbitrary JavaScript in to a URL or link through the index.php file. The attack is executed through the ‘dlsearch’ parameter. Note: The versioning of this plugin was changed, so this detection may produce false positives.

    <
    Severity: Critical

    Category: xss

    Summary: Download Monitor 3.3.5.4 – Authenticated Cross-Site Scripting (XSS)

    Description: Authenticated Cross-Site Scripting (XSS) in Download Monitor, before at least version 3.3.5.4, can be used by attackers to place arbitrary JavaScript in to a URL or link through the download-monitor/uploader.php file. Note: This plugin has changed its version numbering, this may produce false positives.

Viewing 1 replies (of 1 total)

  • Hello @fzpassociates6,

    Please feel free to ignore this error. Our old version was 3.3.5.4 and last year we revamped the plugin and started the version number back from 1.0. Since 3.3 seems higher the security plugin would keep showing the warning.

    I hope that answers your query. Let us know if you have any further questions.

Viewing 1 replies (of 1 total)
  • The topic ‘Error on My website’ is closed to new replies.