3 matches found
CVE-2023-23489
The Easy Digital Downloads WordPress Plugin, versions 3.1.0.2 & 3.1.0.3, is affected by an unauthenticated SQL injection vulnerability in the 's' parameter of its 'edddownloadsearch' action...
CVE-2023-23489
creationtimestamp| type| source ---|---|--- 2023-01-16 17:30:07+00:00| seen| https://t.me/truesecator/3945 2023-01-20 20:22:51+00:00| seen| https://t.me/cibsecurity/56774 2024-07-17 17:38:23+00:00| seen| Telegram/opQUKJsRp4O-8-Aia14rQwYiX5GNaIp9JRJcg0Q3xR13-hS2 2025-01-31 00:00:00+00:00| seen| Th...
WordPress Easy Digital Downloads Plugin <= 3.1.0.3 is vulnerable to SQL Injection
Software Easy Digital Downloads Type Plugin Vulnerable versions = 3.1.0.3 Fixed in 3.1.0.4 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2023-23489 Patch priority High CVSS severity High 8.2 Developer Claim ownership PSID 8ebed23bcf9a Credits Joshua Martinelle Required privilege...