3 matches found
CVE-2025-14783
The Easy Digital Downloads plugin for WordPress is vulnerable to Unvalidated Redirect in all versions up to, and including, 3.6.2. This is due to insufficient validation on the redirect url supplied via the 'eddredirect' parameter. This makes it possible for unauthenticated attackers to redirect...
WordPress Easy Digital Downloads Plugin <= 3.2.6 is vulnerable to Cross Site Scripting (XSS)
Software Easy Digital Downloads Type Plugin Vulnerable versions = 3.2.6 Fixed in 3.2.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0659 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID ffe82c6fd12f Credits emad Required...
CVE-2023-51684 WordPress Easy Digital Downloads Plugin <= 3.2.5 is vulnerable to Cross Site Scripting (XSS)
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Easy Digital Downloads Easy Digital Downloads – Sell Digital Files eCommerce Store & Payments Made Easy allows Stored XSS.This issue affects Easy Digital Downloads – Sell Digital Files eCommerce...