4 matches found
CVE-2024-9654
The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in versions 3.1 through 3.3.4. This is due to a lack of sufficient validation checks within the 'verifyguestemail' function to ensure the requesting user is the intended recipient of the purchase receipt. This...
CVE-2024-9654
The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in versions 3.1 through 3.3.4. This is due to a lack of sufficient validation checks within the 'verifyguestemail' function to ensure the requesting user is the intended recipient of the purchase receipt. This...
CVE-2024-9654 Easy Digital Downloads 3.1 - 3.3.4 - Improper Authorization to Paywall Bypass
The Easy Digital Downloads plugin for WordPress is vulnerable to Improper Authorization in versions 3.1 through 3.3.4. This is due to a lack of sufficient validation checks within the 'verifyguestemail' function to ensure the requesting user is the intended recipient of the purchase receipt. This...
RecargaPay: IDOR exposes receipts of all users.
@cablej found an insecure direct object reference IDOR that could expose receipts from external users. Thanks for helping us make RecargaPay more secure!...