Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown
CVE-2024-32100
Disclosure Date: May 14, 2024 (last updated February 07, 2025)
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.11.
0
Attacker Value
Unknown
CVE-2024-31113
Disclosure Date: May 14, 2024 (last updated February 07, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.11.
0
Attacker Value
Unknown
CVE-2024-31293
Disclosure Date: April 12, 2024 (last updated February 07, 2025)
Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.6.
0
Attacker Value
Unknown
CVE-2023-0380
Disclosure Date: February 21, 2023 (last updated October 08, 2023)
The Easy Digital Downloads WordPress plugin before 3.1.0.5 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
0
Attacker Value
Unknown
CVE-2023-23489
Disclosure Date: January 20, 2023 (last updated October 08, 2023)
The Easy Digital Downloads WordPress Plugin, versions 3.1.0.2 & 3.1.0.3, is affected by an unauthenticated SQL injection vulnerability in the 's' parameter of its 'edd_download_search' action.
0