CVE-2025-14783
CVE-2025-14783 affects WordPress Easy Digital Downloads (versions ≤ 3.6.2). Root cause: unvalidated redirect in the edd_redirect parameter during password-reset flow, enabling unauthenticated users to coax recipients into visiting malicious sites. Exploitation: a PoC exists on GitHub (ZeroEthical...