Easy Digital Downloads Security Vulnerabilities and Issues — Easy Digital Downloads CVE List

Lucene search

AwesomemotiveEasy Digital Downloads

5 matches found

CVE•added 2019/08/16 9:15 p.m.•341 views

CVE-2015-9324

The easy-digital-downloads plugin before 2.3.3 for WordPress has SQL injection.

9.8CVSS9.9AI score0.00706EPSS

CVE•added 2023/05/02 10:15 a.m.•80 views

CVE-2023-30869

Improper Authentication vulnerability in Easy Digital Downloads plugin allows unauth. Privilege Escalation. This issue affects Easy Digital Downloads: from 3.1 through 3.1.1.4.1.

9.8CVSS9.6AI score0.00114EPSS

CVE•added 2024/08/29 2:15 p.m.•76 views

CVE-2024-5057

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Easy Digital Downloads allows SQL Injection.This issue affects Easy Digital Downloads: from n/a through 3.2.12.

9.8CVSS9.8AI score0.02041EPSS

CVE•added 2022/11/21 11:15 a.m.•55 views

CVE-2022-3600

The Easy Digital Downloads WordPress plugin before 3.1.0.2 does not validate data when its output in a CSV file, which could lead to CSV injection.

9.8CVSS9.6AI score0.00436EPSS

CVE•added 2024/12/13 3:15 p.m.•55 views

CVE-2023-40005

Missing Authorization vulnerability in Easy Digital Downloads Easy Digital Downloads allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Digital Downloads: from n/a through 3.1.5.

9.8CVSS5.4AI score0.00274EPSS