WP File Download WordPress Plugin Reflected Cross-Site Scripting Vulnerability

Vulnerability

A reflected cross-site scripting vulnerability has been identified in the WP File Download WordPress plugin, affecting versions prior to 6.2.6. The issue arises because the plugin fails to sanitize and escape the 'theme_column' request parameter before reflecting it into the page it returns, so an attacker can place script in that parameter and have it rendered as markup.
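The vulnerable pattern beside a hardened one, written in PHP as an added illustration for this advisory. This is not WP File Download's code: the action hook name, function names, nonce action and the allow-list of column names are hypothetical, chosen only to show the three controls that close a reflected XSS delivered through admin-ajax.php (nonce check, input allow-listing, context-aware output escaping).

```php
<?php
// Added illustration, not the plugin's own code. The hook name
// 'wpfd_theme_column_demo', the nonce action 'wpfd_theme_column_nonce'
// and the $allowed list below are hypothetical.

// VULNERABLE pattern: the request parameter is written into the response
// verbatim, with no nonce, capability, sanitization or escaping step.
function vulnerable_theme_column_handler() {
    $column = isset($_POST['theme_column']) ? $_POST['theme_column'] : '';
    // Whatever arrives in $column, including "<script>...", lands in the
    // response as markup and runs in the requesting user's browser.
    echo '<div class="wpfd-column" data-column="' . $column . '">' . $column . '</div>';
    wp_die();
}

// HARDENED pattern.
function hardened_theme_column_handler() {
    // 1. Reject cross-site submissions. A form on an attacker-controlled page
    //    cannot carry a valid nonce, so the reflection is never reached by
    //    the CSRF-style delivery described in this advisory.
    check_ajax_referer('wpfd_theme_column_nonce', 'nonce');

    // 2. Require a capability appropriate to the feature (hypothetical choice).
    if (!current_user_can('manage_options')) {
        wp_send_json_error('forbidden', 403);
    }

    // 3. Sanitize on input and allow-list the value. A column name comes from
    //    a small fixed set, so anything outside that set is simply rejected.
    $allowed = array('title', 'size', 'date', 'downloads');
    $column  = isset($_POST['theme_column'])
        ? sanitize_key(wp_unslash($_POST['theme_column']))
        : '';
    if (!in_array($column, $allowed, true)) {
        wp_send_json_error('invalid theme_column', 400);
    }

    // 4. Escape on output, with the escaper matching the HTML context:
    //    esc_attr() inside an attribute value, esc_html() in element content.
    echo '<div class="wpfd-column" data-column="' . esc_attr($column) . '">'
        . esc_html($column) . '</div>';
    wp_die();
}

// Only logged-in users reach wp_ajax_* handlers; the nonce and capability
// checks above are what stop a logged-in admin being driven through it.
add_action('wp_ajax_wpfd_theme_column_demo', 'hardened_theme_column_handler');
```

The legitimate form that calls this handler would include the nonce via wp_nonce_field('wpfd_theme_column_nonce', 'nonce') or wp_create_nonce('wpfd_theme_column_nonce'). Note that steps 3 and 4 are both needed: allow-listing stops the payload from being accepted at all, while output escaping protects any code path that later reflects a value the allow-list was not applied to.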

Impact

Exploitation of this vulnerability allows reflected cross-site scripting: the injected script executes in the victim's browser, within the victim's WordPress session and with the victim's privileges. Because the documented reproduction requires a logged-in administrator to submit the crafted request, a successful attack yields script execution in an administrator session.

Reproduction

To reproduce this vulnerability, a logged-in administrator must be induced to open an attacker-controlled page containing a crafted form. The form submits to the WordPress admin-ajax.php endpoint with the parameters the affected handler expects, including a 'theme_column' value that carries the script payload. When the form is submitted, the server reflects the unsanitized value into its response and the injected script executes in the administrator's browser, demonstrating the cross-site scripting vulnerability.

Remediation

Users are advised to update the WP File Download WordPress plugin to version 6.2.6 or later.

Added: Jun 21, 2025, 6:17 AM
Updated: Jun 21, 2025, 6:17 AM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.4
exploitability: 7.7
remediation: 0.0
relevance: 0.2
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.