4 matches found
CVE-2015-9371
Manual Purchases Add-on for iThemes Exchange before 1.1.0 for WordPress has XSS via addqueryarg and removequeryarg...
CVE-2015-9517
The Easy Digital Downloads EDD Manual Purchases extension for WordPress, as used with EDD 1.8.x before 1.8.7, 1.9.x before 1.9.10, 2.0.x before 2.0.5, 2.1.x before 2.1.11, 2.2.x before 2.2.9, and 2.3.x before 2.3.7, has XSS because addqueryarg is misused...
CVE-2015-9517
The CVE-2015-9517 entry concerns Easy Digital Downloads (EDD) Manual Purchases extension for WordPress. A stored XSS vulnerability arises from misusing add_query_arg, affecting EDD Manual Purchases across versions: 1.8.x before 1.8.7; 1.9.x before 1.9.10; 2.0.x before 2.0.5; 2.1.x before 2.1.11; ...
CVE-2015-9371
CVE-2015-9371 concerns the WordPress ecosystem: the Manual Purchases Add-on for iThemes Exchange (before version 1.1.0) is vulnerable to XSS via add_query_arg() and remove_query_arg(). The connected records confirm the affected product and method but do not provide explicit exploitation details, ...