2 matches found
CVE-2024-0659
CVE-2024-0659 : The Easy Digital Downloads – Sell Digital Files plugin (WordPress) is vulnerable to stored XSS via the variable pricing option title in all versions ≤ 3.2.6 due to insufficient input sanitization and output escaping. Exploitation requires shop manager-level authentication and coul...
CVE-2024-0659 Easy Digital Downloads <= 3.2.6 - Authenticated(Shop Manager+) Stored Cross-Site Scripting via variable pricing options
The Easy Digital Downloads – Sell Digital Files eCommerce Store & Payments Made Easy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the variable pricing option title in all versions up to, and including, 3.2.6 due to insufficient input sanitization and output escaping. This...