Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown

CVE-2024-32100

Disclosure Date: May 14, 2024 (last updated February 07, 2025)
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.11.
Attacker Value
Unknown

CVE-2024-31113

Disclosure Date: May 14, 2024 (last updated February 07, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.11.
Attacker Value
Unknown

CVE-2024-31293

Disclosure Date: April 12, 2024 (last updated February 07, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.6.
Attacker Value
Unknown

CVE-2023-0380

Disclosure Date: February 21, 2023 (last updated October 08, 2023)
The Easy Digital Downloads WordPress plugin before 3.1.0.5 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
Attacker Value
Unknown

CVE-2023-23489

Disclosure Date: January 20, 2023 (last updated October 08, 2023)
The Easy Digital Downloads WordPress Plugin, versions 3.1.0.2 & 3.1.0.3, is affected by an unauthenticated SQL injection vulnerability in the 's' parameter of its 'edd_download_search' action.