CVE-2024-32100
- EPSS 0.6%
- Veröffentlicht 14.05.2024 15:34:00
- Zuletzt bearbeitet 07.02.2025 02:40:26
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.11.
CVE-2024-31113
- EPSS 0.35%
- Veröffentlicht 14.05.2024 15:24:31
- Zuletzt bearbeitet 07.02.2025 02:39:28
Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.11.
CVE-2024-31293
- EPSS 0.08%
- Veröffentlicht 12.04.2024 13:15:18
- Zuletzt bearbeitet 07.02.2025 01:39:13
Cross-Site Request Forgery (CSRF) vulnerability in Easy Digital Downloads.This issue affects Easy Digital Downloads: from n/a through 3.2.6.
CVE-2023-0380
- EPSS 0.2%
- Veröffentlicht 21.02.2023 09:15:12
- Zuletzt bearbeitet 14.03.2025 19:15:40
The Easy Digital Downloads WordPress plugin before 3.1.0.5 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perf...
CVE-2023-23489
- EPSS 85.26%
- Veröffentlicht 20.01.2023 18:15:10
- Zuletzt bearbeitet 03.04.2025 20:15:22
The Easy Digital Downloads WordPress Plugin, versions 3.1.0.2 & 3.1.0.3, is affected by an unauthenticated SQL injection vulnerability in the 's' parameter of its 'edd_download_search' action.