2 matches found
CVE-2015-9527
The Easy Digital Downloads EDD Simple Shipping extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because addqueryarg is misused...
CVE-2015-9527
The CVE-2015-9527 entry concerns the WordPress Easy Digital Downloads (EDD) Simple Shipping extension. A cross-site scripting (XSS) flaw exists due to misuse of add_query_arg, affecting EDD releases across multiple branches: 1.8.x before 1.8.7; 1.9.x before 1.9.10; 2.0.x before 2.0.5; 2.1.x befor...