Security Researcher Rafie Muhammad reported a reflected Cross-Site Scripting (XSS) vulnerability to Wordfence that they discovered in Download Manager, a WordPress plugin installed on over 100,000 sites. On request, we assigned a vulnerability identifier of CVE-2022-1985, on May 30, 2022. Even though Wordfence provides protection against this vulnerability, we strongly recommend ensuring that your site […]