CVE-2025-23452 WordPress EditionGuard for WooCommerce plugin <= 3.4.2 - Reflected Cross Site Scripting (XSS) vulnerability

🗓️ 16 Jan 2025 20:06:06Reported by PatchstackType

Reflected Cross Site Scripting vulnerability in EditionGuard for WooCommerce plugin versions up to 3.4.2.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-23452	16 Jan 202520:16	–	circl
CNNVD	WordPress plugin EditionGuard for WooCommerce – eBook Sales with DRM 跨站脚本漏洞	16 Jan 202500:00	–	cnnvd
CVE	CVE-2025-23452	16 Jan 202520:06	–	cve
EUVD	EUVD-2025-3188	3 Oct 202520:07	–	euvd
NVD	CVE-2025-23452	16 Jan 202520:15	–	nvd
Patchstack	WordPress EditionGuard for WooCommerce plugin <= 3.4.2 - Reflected Cross Site Scripting (XSS) vulnerability	16 Jan 202518:41	–	patchstack
Positive Technologies	PT-2025-4885 · Unknown · Editionguard For Woocommerce	16 Jan 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-23452	9 Jan 202608:48	–	redhatcve
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (January 13, 2025 to January 19, 2025)	23 Jan 202515:41	–	wordfence

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "editionguard-for-woocommerce-ebook-sales-with-drm",
    "product": "EditionGuard for WooCommerce – eBook Sales with DRM",
    "vendor": "EditionGuard",
    "versions": [
      {
        "lessThanOrEqual": "3.4.2",
        "status": "affected",
        "version": "0",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/Wordpress/Plugin/editionguard-for-woocommerce-ebook-sales-with-drm/vulnerability/wordpress-editionguard-for-woocommerce-plugin-3-4-2-reflected-cross-site-scripting-xss-vulnerability

28 Apr 2026 16:11Current

CVSS 3.17.1

EPSS0.00075

CWE-79