6.3 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.0%
The Easy Digital Downloads (EDD) core component 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7 for WordPress has XSS because add_query_arg is misused.
web.archive.org/web/20160921003517/https://easydigitaldownloads.com/blog/security-fix-released/